Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Is aswBoot.exe malware?
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Why is my traffic going to 209.81.9.7 port number 123? »
« Is there a rootkit scanner for WIN98?  
AuthorAll Replies


NetWatchMan
Premium,VIP
join:2001-03-13
Alpharetta, GA

reply to billy g
Re: Is aswBoot.exe malware?

Click for full size
Untrusted File
Click for full size
Extremely Trusted File
This is a good example of where you can utilize the Hash Corroboration component of our SecCheck scanner to determine if a file is likely trusted:

»www.mynetwatchman.com/tools/sc

SecCheck has aggregated SHA1 hash dumps from thousands of systems and enables you to see how hashes on your system compare to what others have submitted. E.g. in this case I'm guessing you should have seen dozens of other Avast users submitting the same SHA1 for the aswBoot.exe file.

Note the following two columns:

Machines Reporting Same Hash
-and-
Total Machines Reporting

If the machines reporting a hash is low (say less than 5) the file may not be malware, but I'm sure not going to trust it. If the number of machines reporting a hash is greater than 20, the file is almost certainly trusted.

The attachments show the extreme low-end and high-end of this trust analysis from an infected lab system.
--
Lawrence Baldwin
myNetWatchman
The Internet Neighborhood Watch
to forum · permalink · · 2006-08-06 10:02:22 · Reply to this
Forums » Up and Running » Security » SecurityWhy is my traffic going to 209.81.9.7 port number 123? »
« Is there a rootkit scanner for WIN98?  

Monday, 30-Nov 19:43:20 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [39] Baltimore To Ban Lazy Cable Installs
· [37] Broadband Killed The Game Console
· [30] Rural Carriers Quickly Embracing Fiber
· [27] AT&T Top Lobbyist Cicconi Has His Feelings Hurt
· [19] Midcontinent Socked With Easement Lawsuit
· [19] Charter Exits Chapter 11
· [3] Monday Morning Links
· [1] Monday Evening Links
Most people now reading
· Is Microsoft Technet ok to use for my family PC's? [Microsoft Help]
· Heating - my dad gave me this advice... [Home Repair & Improvement]
· Considering Leaving Vonage, who should I Consider? [VOIP Tech Chat]
· [Internet] Gaming problem for "Heroes of Newerth" ( New bell Upd [Bell Canada]
· Windows 7 boot manager editing questions [Microsoft Help]
· Why is VoIP Better than POTS? [VOIP Tech Chat]
· [Rant] called out sick! [Rants, Raves, and Praise]
· Fun screwing with PuG raids. [World of Warcraft]
· Are GPS's better today? [General Questions]
· Leveling to 85 [World of Warcraft]