 | |
| |
| 26 Feb 2010 | #1 |
| | Are these spyware? Hey guys, I just ran a scan on SUPERAntiSpyware and it found 2 trojans. I don't think either of them are legit trojans but wanted your opinions. C:\TOSHIBAUPDATE\UPDATEX86.EXE & C:\WINDOWS\CLOSESEC.EXE Also, is there a place on the internet to check for legit spyware files? Like a list that lists them? |
My System Specs | |
| 26 Feb 2010 | #2 |
| | Sure, try uploading them here: VirusTotal - Free Online Virus and Malware Scan That will run it through a number of scanners and give you a report. |
| My System Specs |
| 26 Feb 2010 | #3 |
| | It said 4/41 programs found it to be spyware (at least I think that is what it means). So, does this mean it's legit? |
| My System Specs |
| . |
| |
| 26 Feb 2010 | #4 |
| | I'd say it's probably legit. I didn't see much on Google about it being malware either. |
| My System Specs |
| 26 Feb 2010 | #5 |
| | Both of them are Toshiba based programs. It was just weird because I've ran SUPERAntiSpyware earlier in the week and it didn't detect these. That's why I worried a little. |
| My System Specs |
| 26 Feb 2010 | #6 |
| | You know those anti-virus programs. One day they don't detect anything, the next day they do. |
| My System Specs |
| 26 Feb 2010 | #7 |
| | can you post links from virustotal scans... please  |
| My System Specs |
| 26 Feb 2010 | #8 |
| | Virustotal. MD5: 9df7b80c4e0bed1c1e3a36a20c4074fd Trojan-Dropper.Win32.Mudrop.flp!A2 Trojan.Agent.ATV Trojan/Downloader.gen ...and I cannot find the other file. I've always been bad at locating files within the computer. I asked for some help on it before but no one responded to me. |
| My System Specs |
| 26 Feb 2010 | #9 |
| | ok, as I can see you gave results for: C:\WINDOWS\CLOSESEC.EXE vendors which detec it right now according to virus total: a-squared - Trojan-Dropper.Win32.Mudrop.flp!A2 (note that "A2" at the end it means that only a2 engine of the a-sqaured detected it. (a-sqaured uses it's own a2 and Ikarus AV engines)) A-sqaure is known for some False Positives. CAT-QuickHeal - Trojan.Agent.ATV (not sure about QuickHeal) McAfee+ Artemis - Artemis!9DF7B80C4E0B(note: McAfee dosen't detect it. It is detected by McAfee Atremis only!) Artemis is cloud based technology, known for some False Positives... TheHacker - Trojan/Downloader.gen (can't comment on this one) Further analyses of "C:\WINDOWS\CLOSESEC.EXE" led me to finding to this: https://forum.f-prot.com/index.php?topic=1694.0 as you can see it's official F-prot (AV company) forum. And as you can see a few months ago, this file was detected by F-prot as malware aswell. But look at the last post by F-Prot virus researcher/developer that it is probably False Positive and soon will be deleted from database. Now from virustotal link you posted, we can see it has indeed been taken out of database. So, I would say it is probably False Positive.  P.S. Just noticed the Original Poster on the Forum link I gave uses laptop from Toshiba like you. |
| My System Specs |
| 26 Feb 2010 | #10 |
| | Yeah, I found that link too. I found it after I posted this though. |
| My System Specs |
 |
Are these spyware? problems?
| Thread Tools | |
| Similar help and support threads for: Are these spyware? | ||||
| Thread | Forum | |||
| Spyware? IDK | Browsers & Mail | |||
| I think I've got spyware!!! | System Security | |||
| top 10 spyware freemovers | System Security | |||
| Norton and other spyware? | System Security | |||
| Spyware Software | Software | |||
All times are GMT -5. The time now is 10:04 AM.
