C:\Windows\System32\Tools\Restart.exe Unclassified Malware[at]8319259
http://www.virustotal.com/analisis/f0f96e40b0da9e39e7f0dfdb55f2e90e
Automated Analysis System
File Info
* Size: 408576
* MD5: 3a33a940be4e0dbff5b431a40e96bcfd
* SHA1: 6d4db92719c4aff404c360058b531f412acb7774
* SHA256: efa2504692a7a180e4022e101f42cfcd40d32df8b04db4a4e7aa04b3f76476ec
* URL: /cgi-bin/submit?file=efa2504692a7a180e4022e101f42cfcd40d32df8b04db4a4e7aa04b3f76476ec
Windows/system32/tools/restart.exe seems to be a valid aplication. I think in “the first place” all valid files from Windows XP /Vista must be verified from FP detections an excluded from any future fp. It’s about OPERATING SYSTEM. So, i think you must begins with “bases” fisrt…
I’m not too sure. I just checked my system32 folder and I have no such file ???
Have you got any software that could be responsible for creating such a file?
It’s created on 12/8/2008, in the day whe i installed Vindows Vista Ultimate and till now i don’t encountered any problem… All files in that directory is from the same date of creation.
restart.exe
File description: Restart Conuter
Company: Elitgroup Computer Systems CO. LTD
File version: 3.0.0.0
Date created: 12/08/2008 11:27 PM
Size: 399KB
The Tools directory was created by some other application outside of Windows.
Not part of the Windows OS.
Yes, i see the entire folder is from the same company… Maybe because my motherboard is an ECS (ELITEGROUP) manufactured and some motherboard software from installation CD went into system32 folder…
[attachment deleted by admin]
Hi razor74,
Please check with our latest updates
Thanks,
Ramanan
Yes, it’s OK now. Thanks.