NiCbaZ
05-16-2008, 09:01 AM
I have a virus on my computer; it somehow got on through a USB. I have tried lots of things, none have worked so far.
What we know about GWTHTIS.EXE:
GWTHTIS.EXE
AUTOMATED MALWARE PROFILE, ANALYSIS, REMOVAL AND SIGNATURE INFORMATION:
DEFINITION OF: GWTHTIS.EXE
* Safety Rating: Known Malware, do not run
* Malware Family: Part of Malware group - Downloader Drev A
* Determination: Automatically determined using Prevx centralized heuristics
* Malware Form: EXPLOIT
* First seen: May 23 2007 (GMT)
* Last seen: May 23 2007 (GMT)
* File Size: 46,526 bytes
MALWARE ASSESSMENT: PREVX 4 AXES OF EVIL METHODOLOGY
1. COVERT ANALYSIS OF: GWTHTIS.EXE
* File Names Used: 8
* Paths Used: 4
* Common File Name: GWTHTIS.EXE
* Common Path: ?:\
* Vendor Information: No Vendor details specified
* GWTHTIS.EXE may use 8 or more path and file names, these are the most common:
* 1 :%WINDIR%\SYSTEM32\DOWN1.EXE
* 2 :%WINDIR%\SYSTEM32\GWTHTIS.EXE
* 3 :%WINDIR%\SYSTEM32\MEEX.COM
* 4 :%WINDIR%\SYSTEM32\SEXIT.DAT
* 5 :%WINDIR%\SYSTEM32\SYBQNUB.EXE
* 6 :?:\UDJUDWQ.EXE
* File Name Structure: Normal
* File and Path Structure: Normal
2. RELATIONSHIP ANALYSIS OF: GWTHTIS.EXE
* Malicious Objects Created: 4 objects
* Malicious Creators: 2
* Malware Run Keys: None
* Self Persists:
* Antivirus Detection: No third party antivirus detection observed
* Anti-Spyware Detection: No third party anti-spyware detection observed
3. ACTIVITY ANALYSIS OF: GWTHTIS.EXE
* The following behaviors have been observed for this object:
* Installs programs.
* Deletes programs.
* Invokes dll components.
* Creates Run Keys.
* Runs other programs.
* Communicates with web sites using httpout protocols.
* Has outbound communications.
* Creates known malware.
* Creates copies of itself.
4. PROPAGATION ANALYSIS OF: GWTHTIS.EXE
* Malware Group Propagation Rate: Moderate (spreading)
* Malware Group: Downloader Drev A
* Copyright Prevx Limited 2005, 2006
I'm losing files as I type. I back up my hard drive to a portable hard drive so that's not a problem. Comp's slowing down, losing RS acc because it's a keylogger as well. I need help ASAP.