View Full Version : Trojan or OK?
Hope someone can help here - Got a new comp yesterday which is a compaq/HP
Any way AVG is picking up one of the hp bin files as a trojan - Comodo is picking it up as a trojan also
File is called setsupport.exe and looking around on the net cant find much but one french page i found (and google translated) seems to say its not a trojan and that its a false positive...
Its currently quarrantined but i can restore it if needed ?
So do i leave it quarrantined?
Thanks :)
Edited to add: Ran the rescue disk creation earlier (while it was in quarrantine and it seemed to jam up a bit at the start until i moved it out nd then it seemed to work) but its since back in cause cuse of AVG and big threat detected messages...
been busy looking for stuff... no luck. I'd sugest buying a new computer :p
just kidding, try beeping computer. they are a really helpful bunch there!
Thanks David, yeah there's not much on the net - well in english anyway lol I think its safe but with 2 Av's saying its a trojan is a bit of a worry
seriously, sigh up to beepingcomputer.com and ask at their forums.
better sure than sorry.
i translated a handful of pages and came up with naught too.
Yeah might check there a bit later :) its quarrantined at pres so its not a 'threat'as such at the moment
hmm gather you meant bleeping David ? beeping doesnt come up with a site?
Have joined and asked - will see what they say :)
well i have one comment on my post there from a person with the exact same thing happening with avast :confused: same new comp and that showing s trojan
landteacher
09-09-2009, 9:12pm
So, that's three strikes and your o-----------?
Mick.G.
makes you wonder with 3 different av's saying it...
well a reply said to send the file for analysis which i've been trying to do via avg prog but it wont send :/ cant log into the avg forum cause ive forgotten details and its got a security code question which isnt showing ARGH so i cant answer it...
Invictus
10-09-2009, 10:28am
Hi Cathy,
It sounds like a false positive to me. But this is just based on assumptions from your info.
In my experience, AVG Free, and quite a few free AV software are pretty notorious for it.
AVG seems to have dropped the ball in the recent times as far as accurate detection rates are concerned.
ie: I have found it miss real infections, but pickup potential threats that really aren't.
Personally, I would dump/uninstall AVG, and use a combination of the following:
Install ESET Smart Security - 1 month trials are available from their website, or just purchase the licence. Install, update and do a full scan. LINK (http://eset.com.au/download/download.html)
Install MalwareBytes - There is a free version that works well, but I DO recommend buying a license for this one, as the realtime protection mode then can be enabled. (tests I have done, has shown the IP and webpage based infection detection to be quite effective.) Install, update and do a full scan. LINK (http://www.malwarebytes.org)
Install Spybot - Install, update and use the immunize function. LINK (http://www.safer-networking.org/en/mirrors/index.html)
Run combofix - Available from bleepingcomputers. Guide and download available from here. (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)
This combination, again, in my experience, has been very effective at detecting and/or removing the majority of infections I come across each week. In other cases, the infections usually require more specific tools or methods to detect or remove.
There are alternative A.V. software packages that are also effective, but I tend to recommend ESET not only for it's detection rates, but for the fact it is relatively light on how much resources it uses to monitor and protect systems. Their local support is also another factor. The other end of the extreme would be Norton360.
That all said - No single product I know of will protect a system 100%.
Hope that helps. :)
Thanks Matt: Might look into ESET - I've sent AVG an email via their virus reporting email link and will see what happens there...
AVG now have the file and are investigating it
no trojan YAY
Dear Sir/Madam,
thank you for your e-mail.
Unfortunately, the current virus database version may detect the
mentioned virus on some legitimate applications. We can confirm that
it is a false alarm. We would like to inform you that the false
positive will be removed in the next Definitions update. Please update
your AVG and if a new Definitions update was downloaded, check whether
the file is still detected.
If you need to restore deleted files from AVG Virus Vault you can do
it this way:
- Open AVG user interface.
- Choose "Virus Vault" option from the "History" menu.
- Locate the file that was incorrectly removed and select it (one
click).
- Click on the "Restore" button.
We are sorry for the inconvenience.
Best regards,
well the fix isnt obviopusdly in the last update :/ still warnings lol
Invictus
11-09-2009, 1:10pm
Good to hear they responded to you.
I wouldn't expect it will be a high priority for them, but you have some peace of mind now.
was all fixed and updated by this morning so they did it fast which was good - I gather reporting a major computer suppliers software was a trojan wouldnt look good for them?
Sounds like this story
http://www.bleepingcomputer.com/forums/lofiversion/index.php/t256326.html
Yes that would sound like this Roof as thats my post on there lol
Miaow was already taken so had to use that username lol
Powered by vBulletin® Version 4.2.3 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.