Gizmos Freeware Reviews  

Old 18. Aug 2012, 12:56 AM   #1 (permalink)
Senior Member
 
Join Date: Oct 2011
Posts: 187
trojan captured need info.

d3d9cap.dat Trojan.FakeAV
c:\windows\system32\

captured by hitman pro after computer sat unused for one week, with realtime antivirus turned on (mse).

it should be noted after computer sat for a week, i had 11 updates to download and install, even though realtime was active. i did so and restarted computer, then ran hitman and caught the trojan. and deleted it per hitman program.

am i safe now?

windows xp, sp3, mse, sandboxie, my wot, winpatrol, ccleaner
placou 1968
Old 18. Aug 2012, 10:43 AM   #2 (permalink)
Senior Member
 
Join Date: Apr 2010
Location: இந்தியா, सिन्धु, India
Posts: 486

@ placou 1968: Could be a false positive. Refer to this thread for more details:

http://www.wilderssecurity.com/showthread.php?p=2102210

A few quick questions:

Assuming that you're using a non-admin account with a password and also assuming that everyone else using your computer uses separate non-admin user accounts.

Do you notice any "weird" activity? (system freezes up, home page changed etc.)

Your current setup seems to be perfect. If you have MSE+non-admin account+sandboxie+safe user practices + latest updates for all programs, then I would say hitman pro is not needed. But each to his own.
Concerned User
Old 18. Aug 2012, 04:44 PM   #3 (permalink)
Senior Member
 
Join Date: Oct 2011
Posts: 187

no strange activity noted. no other users, i use non admin side for all internet use, except to do normal things which i understand should be done using admin side (updates, scans etc.). i don't visit social sites. the info. i read prior to asking here was confusing, seems sitting in standby was a factor with other users with same trojan. i only have hitman because it was left here by my isp, i feel comfortable with the aforementioned protection as well.

i have run scans again and find nothing.

in the thread provided i find info. that exactly correlates with the capture i had, the regeneration seems to be of a concern, but i will wait to see. thank you for your help.
placou 1968
Old 19. Aug 2012, 09:12 AM   #4 (permalink)
Editor
 
Join Date: Oct 2010
Posts: 1,950

It's a false positive and similar captures have been reported at Wilders and Avast:

http://www.wilderssecurity.com/showthread.php?p=2101969

http://forum.avast.com/index.php?topic=103309.0

Upload the file to VirusTotal just in case.
__________________
If you seek for attention, do common things in life in an uncommon way!
George.J
Old 21. Aug 2012, 04:59 PM   #5 (permalink)
Senior Member
 
Join Date: Oct 2011
Posts: 187

yes, it seems to be false just as you advise, thanks for the response
placou 1968
All times are GMT +1.