asquared detected find.exe as trojan?

hey wilders, i just scanned my secondary xp 32 computer with asquared free, and it said it found find.exe in system32 dllcache. is this really trojan or a false positive. isnt find.exe a legit executable from microsoft?

what makes me think its a FP is that i scanned it again but ths time with avira free version 10's block autostat function turned off(think it was interfering with it cause avira popped up saying somethig about blocking malware from starting up)

and it said it founnd 2 trojans in system volume restore so i just deleted them even thouhg i think they were fp's as well.....

any thoughts? thx in advance, wutsup

 

check it here again:
http://www.virustotal.com/de/
if a false positive write a email to avira support.

PS md5 hash from my "find.exe" (XP SP3 32bit)
ce416e2e477e8dced94aab7ee97f11f5|find.exe
(compare with the resulted hash from VT above)

if same for sure false positive

if really infected - setup xp from scratch or use an image (backup all important data before)
you cannot really clean up such system - and improve security concept.

 

nevermind, i just scanned again with asquared and find.exe didnt show up and those 2 other trojans were false positives.

and that pop up frolm avira during the asquared scan was just tellikng me that it blockede an autorun.inf from the H drive which is the recovery partition on HP/compaq computers. so it was not malware, my mistake.

where exactly is find.exe? i cant seem to find it.

 

c:\windows\system32\

PS it's a german xp so the hash may differ to an english system - sorry

 

i cant find find.exe, all i found was findstr.exe?

 

Hi;

You may wanna download this VirusTotal Uploader so you can send it to VirusTotal via your pc.

http://www.virustotal.com/metodos.html

Threat Expert

http://www.threatexpert.com/

Bottom line is you will have to decide based on the data "if" it is a FP or not.

Cheers!

 

but id find.exe the same as findstr.exe??

 

i just checked on my main vista 64bit computer and it has both find.exe and findstr.exe

ROFL, i think my dad might of deleted the find.exe false positive......cause i started the a squared scan the night before and i guess my dad used the computer and thought it was malware since asquared said it was....

crap what do i do now? the computer seems to work fine. is find.exe and important file??

 

No
http://pubs.logicalexpressions.com/pub0009/LPMArticle.asp?ID=404

 

It is probably related to something like the windows search engine?

 

No, they're command line utilities. Not all is GUI.

 

thx for the info mvario

i guess its not that big of deal that find.exe is deleted now. as long as the computer runs fine caause its mostly just used for web browsing, and storage for pictures and microsoft word and quicken