Jump to content

Build Theme!
  • Infected?

big grin Welcome to What the Tech's support forums!

We invite you to ask questions, share experiences, and learn. It's 100% free. Join 90726 others. Anybody can ask, anybody can answer. Consistently helpful members with best answers are invited to staff. Here's how it works. Computer cleanup? Start here> Malware Removal Forum.

Sign Up


Online scanners and false positives (two files)

  • Please log in to reply
No replies to this topic

#1 little.red


    New Member

  • New Member
  • Pip
  • 1 posts

Posted 02 November 2012 - 10:10 PM

I have two programs that I've downloaded (one an .exe and one a .zip) and was just virus scanning them. I haven't opened either yet. The downloads are linked to from the official sites (you know how some are hosted at download.com or places like that?), but they're old so are no longer supported by the creators. I thought I'd just double check them and upload them to VirusTotal. One of them (an .exe) showed up as a positive for one - Win32.TrojanC2Lop on ESAFE (I've never heard of ESAFE before though). None of the other 40 AVs picked up anything. The ZIP file didn't show any detections. I figured it was a false positive, but then read about another online scan (Jotti) through BleepingComputers. I decided to run both files through again. I like to be sure. The EXE file that had nothing appear through VT now appears as having PUA.Win32.Packer.UpxProtector through Clam AV (another one I've never heard of). None of the other 19 AVs showed anything. The ZIP file that showed as having the trojan on VT shows nothing on Jotti. I'm assuming these are false positives...but wanting to hear from other people :). They're from the official site (file doesn't appear to have been updated in about 7 years), it is not detected consistently, I haven't heard of either AV that found a problem (plus packer sounds like something to do with the unzipping of the file?).


Register to Remove

Related Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users