Panda Scan Result.. Restart.exe

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

atryeu

Thread Starter
Banned
Joined
Jun 24, 2006
Messages
211
Hi there!

I just recently got my system put back together and I have been slowly running a few online scans to make sure everything was clean while I was downloading security updates over this last weekend.

I ran one recommended to me called BitDefender last night, and it came up absolutely clean. I also ran another earlier called ewido, which also came up clean, other than a few tracking cookies which were no problem getting rid of.

I just ran Panda's free online scan and it brought up something...

C:/Windows/system32/Tools/Restart.exe It says that files is "Potentionally Unwanted Tool"

I did a search on these forums and found somebody else had this file come up in a Panda scan, so I followed one of the instructions listed, and uploaded it to a site to run several scans. Here are those results:
------------------
http://virusscan.jotti.org/
File: Restart.exe
Status: POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)
MD5 eb1b125ee5d2022cbf5e2f7226f47638
Packers detected: -
Scanner results
AntiVir Found SecurityPrivacyRisk/Destart.A riskware
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found HackerTool/Rebootah
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VirusBuster Found nothing
VBA32 Found nothing
----------------

I do not have that Hijack this program yet, I'm still trying to get things together but I will be looking into it on a night I have the available time to download it (I'm on a 24k dial up connection, so those things take awhile).

I plan on running Housecall, from TrendMicro tomorrow/Thursday night as well to see if it brings anything else up. Is the Restart.exe file safe to remove? What exactly does that file do?

Thank you! I will check back first thing after I wake up in the morning....
 
Joined
Feb 15, 2004
Messages
12,302
it looks ok, possibly a tool from the computer manufacturer to aid in computer recovery or a reinstall?
 

atryeu

Thread Starter
Banned
Joined
Jun 24, 2006
Messages
211
I wasn't sure. I figured it came with Win XP. I'm still learning about XP though so I had no idea what that file is or what it is for. I have been using Win ME for the last serveral years and was forced to switch because my new hardware didn't want to run ME very well.

That just came up in the virus scan and I couldn't find much about it online last night so I wasn't sure.
 

atryeu

Thread Starter
Banned
Joined
Jun 24, 2006
Messages
211
Does anybody else have any further information on this program? Is it safe to remove, or should I leave it be?
 
Joined
Feb 15, 2004
Messages
12,302
go here and find the file and then right click it and choose properties and see what it says about it, the date, when it was created, i.e before you bought the pc and has it been modified and what uses it?


C:/Windows/system32/Tools/Restart.exe
 

atryeu

Thread Starter
Banned
Joined
Jun 24, 2006
Messages
211
It says:

Created: Saturday, July 8, 2006 7:51:18pm (which is correct, I installed Win XP that night)

Modified: Sunday, December 1, 2002 11:53:02pm

Accessed: Today, July 16, 2006

... Under the Version tab, Description, it says: Restart Conuter LoL Should it say "Conuter"?

Also, all but 3 files have a foreign looking icon and they all say, under the Version tab - Language, they are Chinese (Taiwan)...
 
Joined
Feb 15, 2004
Messages
12,302
Is it linked to microsoft? Do you have a full Xp disc or a restore disc which came with your computer?
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top