a squared

Discussion in 'other anti-malware software' started by culla, Feb 22, 2010.

Thread Status:
Not open for further replies.
  1. culla

    culla Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    504
    found this possible fp or is it real

    Trojan-Spy.Win32.Bancos!IK

    found in c:splash/splash.exe
     
    Last edited: Feb 22, 2010
  2. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    ok lol.... well this provides absolutely no useful information... like what the file was? what program? etc...
     
  3. culla

    culla Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    504
    that is the info a-squared gave me i've searched c drive and windows can't find it
     
  4. papillonn

    papillonn Registered Member

    Joined:
    Oct 19, 2005
    Posts:
    117
    Location:
    TR
    HiJackThis report is important at this point.
     
  5. culla

    culla Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    504
    done hjt report is clean
    i've removed a-squared it's dangerous
    in deep scan mode way too many fp's on programs i've used for ages
     
    Last edited: Feb 22, 2010
  6. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,058
    Location:
    United Surveillance States
    You might want to try an Anti-rootkit tool to see if the file is being hidden from Windows by malware.
     
  7. culla

    culla Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    504
    which anti-rootkit would you suggest
     
  8. falkor

    falkor Registered Member

    Joined:
    Sep 26, 2009
    Posts:
    205
    Splash.exe should be in your files somewhere. Does your computer have it set up to show HIDDEN files? Seems like a false positive to me.
     
  9. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,058
    Location:
    United Surveillance States
    I use Malware Defender to bypass the Windows API in looking at the file system and for a separate tool I like XueTr. There's a new version of Vba32 AntiRootKit that was just posted in this forum. I've tried that one too and it seems to be good. A lot of folks like GMER also.
     
  10. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    or combofix;)
     
  11. culla

    culla Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    504
    tried gmer only thing that came up was returnil so i guess no rootkit :)
     
  12. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,058
    Location:
    United Surveillance States
    Did you look to see if you have a c:\splash\splash.exe on your hard drive with GMER?
     
  13. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I wouldn't write it off as a false positive. I can't find anything about this file anywhere. I googled it several times. You can find plenty of info on Splash.exe, but not splash/splash.exe. Click on any folder, and go to tools/folder options/view/hidden files and folders and click show hidden files and folders. Now search in the location asquared says it is located. It should be there. If you find it then right click on it, and view its properties and see if it is digitally signed. Look to see when it was created, etc.
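
The checks suggested in the post above (look for the file with hidden items included, then inspect its digital signature and creation time), as an added PowerShell example that is not part of the original thread. The path is the one a-squared reported; Get-FileHash assumes PowerShell 4.0 or later.

```powershell
# Added example: triage a file that an AV scanner flagged.
# Path as reported in the thread; change it to match your own detection.
$path = 'C:\splash\splash.exe'

# -Force returns items that carry the Hidden or System attribute,
# which the default Explorer view and a plain listing leave out.
$file = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue

if (-not $file) {
    # Report whether at least the parent folder exists, so a stale or
    # mistyped path in the scanner log can be told apart from a missing file.
    $parent = Split-Path -Path $path -Parent
    $parentExists = Test-Path -LiteralPath $parent
    Write-Output "Not found: $path (parent folder exists: $parentExists)"
    return
}

# Authenticode status: Valid, NotSigned, HashMismatch, NotTrusted, ...
$sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName

# SHA-256 of the file, for comparison against a vendor's published hash
# or for a second-opinion lookup without uploading the file itself.
$hash = Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256

[pscustomobject]@{
    Path            = $file.FullName
    Attributes      = $file.Attributes          # shows Hidden / System if set
    SizeBytes       = $file.Length
    CreatedUtc      = $file.CreationTimeUtc
    ModifiedUtc     = $file.LastWriteTimeUtc
    Company         = $file.VersionInfo.CompanyName
    OriginalName    = $file.VersionInfo.OriginalFilename
    SignatureStatus = $sig.Status
    Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
    SHA256          = $hash.Hash
} | Format-List
```

A "Not found" result here only covers what the normal Windows file APIs return; it does not replace the anti-rootkit scan discussed earlier in the thread.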
     
  14. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
  15. culla

    culla Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    504
    i already viewed hidden file not found
    no activity on pc or connection i think fp

    yep i had read that my comp is a hp
     