a-squared "Riskware" detection: CloseApp.exe?

Discussion in 'other anti-malware software' started by Birdman, Feb 17, 2007.

Thread Status:
Not open for further replies.
  1. Birdman

    Birdman Registered Member

    Joined:
    Nov 24, 2003
    Posts:
    571
    a-squared picked up the following in my latest scan:

    Riskware.RiskTool.Win32.CloseApp.a

    File location: C:\WINDOWS\system32\CloseApp.exe


    Is it recommended that I delete this file....or might it be a False Positive?

    I also ran Counterspy 2.1 and SAS and that particular "riskware" was NOT detected by either program.

    Any help/suggestions would be greatly appreciated. Thanks.
     
  2. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
  3. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Most likely a false postive :)
     
  4. Birdman

    Birdman Registered Member

    Joined:
    Nov 24, 2003
    Posts:
    571
    Thanks. Attached is the scanning result. It was detcted by 4 AV engines. Quarantine? Delete?
     
    Last edited by a moderator: Feb 17, 2007
  5. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    Hmm

    It is not false positive detection.Have you installed software that utilizes this grey area tool ?

    It could be legit use or it could be a security issue for youo_O

    A google search of the executable will assist but for the mean time quarantine the item until this can be verified.
     
  6. Birdman

    Birdman Registered Member

    Joined:
    Nov 24, 2003
    Posts:
    571
    Unfortunately I can't link this tool with any software. The only thing I can find is that it's copyrighted by Noël Danjou

    UPDATE: http://noeld.com/programs.asp?cat=misc

    I definitely did NOT install this app....but I wonder if it came packaged with programs like Ace Utilities, XP Smoker PRO, or TuneUp Utilities 2007?
     
  7. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    Hmm

    I'm guessing that if you had been hacked then the intruder would have hidden his/her tool(s) a lot more effectively and since you have indicated no other suspicious entries from scans that no malware infection is present or no intrusion has occured.

    Well nothing can be stated with 100% certainty but the balance of things would suggest it was bundled with another application.

    HTH:)
     
Loading...
Thread Status:
Not open for further replies.