(:WAV) Hi everybody. Please try to understand my frenchy english : (:KWL)
Send to Comodo for analysis : ok, I already used with succes this very good fonctionality of CFP, even if I had never received a reply (yes : when you send something, you wait for a reply ! (:WIN) )
Now look at this : I subscribed to a very popular Torrent Tracker Forum (Demonoid for not to name it ! (:TNG) ). For a good “Ratio”, you have to login to the site before you run your Client. You have also to enter some codes each time you want to reply to a topic. BUT sometimes (:KWL) I get an error meesage asking me to re-type. AND I get it even if I am sure that I typed the exact password or code. AND when I re-type it (:NRD) immediately after that, CFP popups to say some “strange.exe is trying to inject itself to uTorrent.exe…and this is a trojan behavior etc…” Merci CFP but…
What I call “strange.exe” is an exe with a file name which changes each time (kowgk2y5.exe, yaleA27N.exe…I think it is randomely produced). It resides in system32 but there is no entry about it in the Registry. Its time of creation is one or two minutes ago (I mean when I was loging to Demonoid), and it has no information in its property window. No information either on the Internet about it. Good news (or perhaps very bad news?!) : Nod32 declare it OK.
But what is it and why it is trying to inject itself to my uTorrent?
So I ask CFP to send it to Comodo for analysis. Normally CFP ask you to wait when it is compressing the file, then it confirms and then you have to clic “Close” to finish. But when sending “strange.exe”, CFP window comes up and immediately disappears…
And as you know with CFP, if I ask it to bloc strange.exe, it will also block my uTorrent and or every other web application that I will run, because the nasty strange.exe is able to inject itself to almost every web application I tried. I have to delete strage.exe manualy and restart the computer.
Anybody had the same problem? Is there any application which can examine an exe and determine what it is? Thanks and before replying, dont forget to drink for Viva CFP ! :Beer