A file named NNM.exe (Found in directory c:\DELL\omsw\ihv\common\NNPortmapper) is being reported as infected by the aformentioned virus.
However, being suspicious, I run it through an online scanner.
Here are the results…
File nnm.exe received on 10.26.2007 09:29:30 (CET)Result: 2/32 (6.25%)
Antivirus Version Last Update Result
AhnLab-V3 2007.10.26.0 2007.10.26 -
AntiVir 7.6.0.27 2007.10.26 -
Authentium 4.93.8 2007.10.25 -
Avast 4.7.1074.0 2007.10.25 Win32:Agent-MJF
AVG 7.5.0.503 2007.10.25 -
BitDefender 7.2 2007.10.26 -
CAT-QuickHeal 9.00 2007.10.25 -
ClamAV 0.91.2 2007.10.26 -
DrWeb 4.44.0.09170 2007.10.26 -
eSafe 7.0.15.0 2007.10.22 -
eTrust-Vet 31.2.5241 2007.10.25 -
Ewido 4.0 2007.10.25 -
FileAdvisor 1 2007.10.26 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.25 -
F-Secure 6.70.13030.0 2007.10.26 -
Ikarus T3.1.1.12 2007.10.26 Virus.Win32.Agent.MJF
Kaspersky 7.0.0.125 2007.10.26 -
McAfee 5149 2007.10.25 -
Microsoft 1.2908 2007.10.26 -
NOD32v2 2618 2007.10.26 -
Norman 5.80.02 2007.10.25 -
Panda 9.0.0.4 2007.10.26 -
Prevx1 V2 2007.10.26 -
Rising 19.46.40.00 2007.10.26 -
Sophos 4.22.0 2007.10.26 -
Sunbelt 2.2.907.0 2007.10.26 -
Symantec 10 2007.10.26 -
TheHacker 6.2.9.107 2007.10.25 -
VBA32 3.12.2.4 2007.10.26 -
VirusBuster 4.3.26:9 2007.10.25 -
Webwasher-Gateway 6.6.1 2007.10.26 -
Additional information
File size: 90112 bytes
MD5: 2f660eb9f5196d073fac4d6dd57ed1dc
SHA1: f01e0337c251b19352dd896eccdc3030a3ee0221
As you can see, only 2 pick it up as a virus. Now either they are very up-to-date or…it’s a falsie.
Is it worth sending the file to Avast! labs if they already have it pegged as a virus?