![]() |
![]() |
#1 (permalink) |
Senior Member
Join Date: Apr 2008
Location: Planet Earth
Posts: 1,379
|
![]()
Anyone running Win XP Home or Pro?
I installed A-Squared on my wife's computer as an on demand scanner, and it identified what it thinks are two high-risk trojans in the files "Taskman.exe" & "Systray.exe" I tested the same two files on VirusTotal.com and a-squared there returned the same result but it was the only one. I then uploaded taskman.exe and systray.exe from my virtualbox installation of XP Pro and got the same result. I further tried files from a third installation of XP with the same result. The MD5 hashes are the same as other peoples who have scanned the files. Can someone else upload their copies and confirm this? Taskman.exe is located in C:\Windows, and Systray.exe is located in C:\Windows\System32 These are some pretty important operating system files for A-Squared to be identifying as trojans.
__________________
The smallest good deed is better than the greatest intention. |
![]() |
![]() |
![]() |
#3 (permalink) |
Full Member
Join Date: Jul 2008
Location: Sweden
Posts: 70
|
![]()
Ritho, I am running XP Home and uploaded both files to VirusTotal. Nothing found.
I also took a quick A-Squared scan, but none of the two files were identified. Which type of scan did you take? I have stopped using A-Squared for the following reason. When starting it (after updating), a rescan of quarantined files is performed. Every time I get the following message: After rescanning the quarantined objects with the new downloaded signatures, it turned out that some of them were detected in wrong (false positives). Do you want to restore these objects now to their original locations. Yes or No. What irritates ![]() Bengt S |
![]() |
![]() |
![]() |
#4 (permalink) |
Super Moderator
Join Date: Jul 2008
Location: India
Posts: 15,334
|
![]()
Whoa! Bengt, you are scaring me now
![]() ![]() Mine is fresh install of XP on a new hard disk, don't scare me ![]()
__________________
Anupam |
![]() |
![]() |
![]() |
#6 (permalink) |
Super Moderator
Join Date: Jul 2008
Location: India
Posts: 15,334
|
![]()
Are you still trying to scare me?
![]() Well yeah, you guessed it right. I am not behind a router, neither am I using a firewall nowadays. Its just Avast, and just today, installed WinPatrol. I hope I am not infected already.
__________________
Anupam |
![]() |
![]() |
![]() |
#7 (permalink) |
Senior Member
Join Date: Apr 2008
Location: Planet Earth
Posts: 1,379
|
![]()
If you want to check the hash codes I listed them below.
All of my files from the three different installations have the same hash codes, even between XP Home and Pro. MD5 hash codes. Taskman.exe f4dfd83153e8c9088ae2db704107060d Systray.exe 46e07fd3a40760fda18cf6b4fc691742 Bengt I would like to see your MD5's they appear on the site when you first upload your files. Could you do that?
__________________
The smallest good deed is better than the greatest intention. |
![]() |
![]() |
![]() |
#9 (permalink) |
Senior Member
Join Date: Apr 2008
Location: Planet Earth
Posts: 1,379
|
![]()
Thanks, Bengt! Obviously you have a different set of files some how. Maybe a European version of Windows?
I went and extracted the files fresh from my install disk, and they are exactly the same as my others. So I am not worried about a virus. I think I will make a report to A-Squared. It just would not be good if someone deleted their systray and taskmanager. But I don't think you can do it very easy because windows protects those files. Still I was not willing to click quarantine or delete to test my theory. ![]()
__________________
The smallest good deed is better than the greatest intention. |
![]() |
![]() |
![]() |
#10 (permalink) | ||
Full Member
Join Date: Jul 2008
Location: Sweden
Posts: 70
|
![]() Quote:
Quote:
![]() |
||
![]() |
![]() |
![]() |
Thread Tools | |
Display Modes | |
|
|