Hi,
I downloaded Farbar Recovery Scan Tool FRST64.exe and CKScanner.exe .
FRST64.exe has been declared a trojan and was deleted, CKScanner.exe quarantained.
Do these scanners produce false positives ?
Then, I get a series of malware attacks from URL: http://b.voicefive.com which are all blocked. Good.
I don't understand what the reasons of these attacks are. I don't think ever to have visited this site.
Another attack comes with Phishing and Fraud attempts from URL: http://p.liadm.com/imp?s=66139&t=newsle ... 2.02.01.22
I don't see which newsletter I could have subscribed to that comes from this address.
There are no processes with URLs linked to this address.
The process monitor shows no processes with medium or high threat levels and no blocked processes, since months.
Can any of these attacks be responsible for the slowing down of my pc ?
Thanks in advance
- ftr
[CLOSED] FRST64.EXE a trojan ?
Re: FRST64.EXE a trojan ? & results Panda Cloud Cleaner
To eliminate any malware threat which might slow down the pc - and it got slow - I ran Panda Cloud Cleaner.
The results are first: Panda Cloud Cleaner did not find any malware threats. Great.
Second, looking into the results in detail, several points to puzzle:
- suspicious policies
How can I know which of the policies should be cleaned ? In particular, because you can't which entries are suspect because the addresses are longer than the window showing it.
- unknown autorun elements:
PCC found THPSRV.exe , but this is a false positive: this is the Toshiba HDD protection device. So, this should not be shown as something suspicious
- Send file to Panda (in the advanced tools):
How to select a file to send to panda when there is no information on the whereabouts of the log file and on its name (as you need to search for it) ?? It would be helpful to have these informations already prefilled as Panda knows best where the file to be send it located.
- Cleaning
If I understand well the current options are : clean nothing, or clean everything.
Right ?
But I need to retain HPSRV.EXE, the Toshiba HDD protection service.
So, how can I deleted only parts ?
TIA
-ftr
The results are first: Panda Cloud Cleaner did not find any malware threats. Great.
Second, looking into the results in detail, several points to puzzle:
- suspicious policies
How can I know which of the policies should be cleaned ? In particular, because you can't which entries are suspect because the addresses are longer than the window showing it.
- unknown autorun elements:
PCC found THPSRV.exe , but this is a false positive: this is the Toshiba HDD protection device. So, this should not be shown as something suspicious
- Send file to Panda (in the advanced tools):
How to select a file to send to panda when there is no information on the whereabouts of the log file and on its name (as you need to search for it) ?? It would be helpful to have these informations already prefilled as Panda knows best where the file to be send it located.
- Cleaning
If I understand well the current options are : clean nothing, or clean everything.
Right ?
But I need to retain HPSRV.EXE, the Toshiba HDD protection service.
So, how can I deleted only parts ?
TIA
-ftr
- VirusBuster
- Official moderator
- Posts: 7595
- Joined: Mon, 02 Apr 2012, 18:53
- Location: Panda HQ - Bilbao
Re: FRST64.EXE a trojan ?
If you click the policy, you can see the full path at the bottomftr wrote:- suspicious policies
How can I know which of the policies should be cleaned ? In particular, because you can't which entries are suspect because the addresses are longer than the window showing it.
It doesn't necessarily mean that it is malware, it is a file that is unknown to our knowledgeftr wrote:- unknown autorun elements:
PCC found THPSRV.exe , but this is a false positive: this is the Toshiba HDD protection device. So, this should not be shown as something suspicious
If you know that its safe because it belogs to Toshiba software, you can uncheck it from the list of elements to be cleaned
This option is designed to send suspicious files to our laboratory, not the scan logsftr wrote:- Send file to Panda (in the advanced tools):
How to select a file to send to panda when there is no information on the whereabouts of the log file and on its name (as you need to search for it) ?? It would be helpful to have these informations already prefilled as Panda knows best where the file to be send it located.
When the scan is fisnished click on one o the options to show the full list of detected elememtsftr wrote:- Cleaning
If I understand well the current options are : clean nothing, or clean everything.
Right ?
But I need to retain HPSRV.EXE, the Toshiba HDD protection service.
So, how can I deleted only parts ?
There you can decide what to clean or not, just check check it or not
About the URLs mentioned:
http://p.liadm.com is related to Amazon
http://b.voicefive.com is related to scorecardresearch, check if you have any related software installed
Regards,
Jorge Torre
TechSupport Department - Panda Security
I don't reply to private messages unless I have previously requested them
Jorge Torre
TechSupport Department - Panda Security
I don't reply to private messages unless I have previously requested them
- VirusBuster
- Official moderator
- Posts: 7595
- Joined: Mon, 02 Apr 2012, 18:53
- Location: Panda HQ - Bilbao
Re: FRST64.EXE a trojan ?
Closed due to lack of response
TOPIC CLOSED
TOPIC CLOSED
Regards,
Jorge Torre
TechSupport Department - Panda Security
I don't reply to private messages unless I have previously requested them
Jorge Torre
TechSupport Department - Panda Security
I don't reply to private messages unless I have previously requested them