SOCKS.exe found in startup folder

Discussion in 'ESET NOD32 Antivirus' started by MrGump, Oct 12, 2009.

Thread Status:
Not open for further replies.
  1. MrGump

    MrGump Registered Member

    Joined:
    Sep 5, 2009
    Posts:
    394
    I have found a program called socks.exe in my startup and I fond out it is adware/spyware. Why did NOD32 miss this?

    I erased any traces of the file that I could, I only fond a text file and I erased the startup in the regsitry. If I did not actually find the .exe does that mean it was never on the computer and NOD32 did its job?

    Thank you.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Hard to say what it was. The next time you encounter a suspicious file, submit it to ESET per these instructions.
     
  3. ASpace

    ASpace Guest

    A Google search for socks.exe reveals trojan horse entrie of a service ? Is this what you found on your computer - a Windows service ? How did you find it ?

    What did you do with this ? How did you determine it is a malware ?
     
  4. MrGump

    MrGump Registered Member

    Joined:
    Sep 5, 2009
    Posts:
    394

    I am currently trying to trace my steps backwards and find the infected file I downloaded. FYI, I was using Newgroups.

    To answer your question, I found two files in my "startup" folder and one of them had a Spider icon on it. I can not recall the other item. I determined it was dangerious because I did not recognize it and Google told me it was dangerous. I cam to ESET's forums becuase I want to know if NOD32 missed it or what.

    I recently ran the Ad-Aware Plus software and this is what it found and cleaned:

    Ad-Aware found "TR/AgentOff.16384A" listed as a trojan.
    It also found "Win32.Trojan.VB" and listed it is Malware. The threats were cleaned and do not show up on further Ad-Aware scans. They never showed up on NOD32 scans.

    Hope this info helps. I will continue to look for the original infected download.

    As of now, Ad-Aware and Malwarebytes both report my system is clean and NOD32 always reported my system was clean even before Ad-Aware found that stuff.
     
  5. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    ALL antivirus miss something, you can't expect an antivirus that detect the 100% of malicious codes from any vendor.
     
  6. MrGump

    MrGump Registered Member

    Joined:
    Sep 5, 2009
    Posts:
    394
    that is true
     
  7. bradtech

    bradtech Guest

    Upload it to virustotal.com and see what it says
     
Thread Status:
Not open for further replies.