Zapchast.135 / Generic.RarDrop.B found... - Mischel Internet Security Forum

Jobs | About | Blog | Contact

Download TrojanHunter Now
Free 30-day trial!

Latest TrojanHunter Version:
TrojanHunter 5.0

Order Now
License file delivered within minutes.

Welcome, Guest. Please Login or Register.

Sep 6^th, 2008, 11:15pm

   Mischel Internet Security Forum
   TrojanHunter
   TrojanHunter Scanner (Moderators: Helena, Gavin_Coe, Magnus)
   Zapchast.135 / Generic.RarDrop.B found...

« Previous topic | Next topic »

Pages: 1

Notify of replies

Send Topic

Author

Topic: Zapchast.135 / Generic.RarDrop.B found... (Read 1650 times)

rozybear1
Newbie

Posts: 2

Zapchast.135 / Generic.RarDrop.B found...
« on: Oct 30^th, 2007, 10:05pm »

Quote

Modify

I am running the trial version right now, and it found Zapchast.135 and Generic.RarDrop.B and I'm wondering if they are really trojans or a false result.

Here is the log.

TrojanHunter Scan Report - Saved 2007-10-31 00:01

Found trojan file: C:\Documents and Settings\Rozanne\Desktop\SmitfraudFix\exit.exe (Zapchast.135)
Found trojan file: C:\Program Files\WinRAR\Default.SFX (Generic.RarDrop.B)
Found trojan file: C:\Program Files\WinRAR\Zip.SFX (Generic.RarDrop.B)

Could you please advise if they trully are malicious or if they are false results?

Thx,

Roz

IP Logged

siliconman01
Global Moderator

Trojans! Chew 'em Up, Spit 'em Out...

Gender: male

Posts: 5603

Re: Zapchast.135 / Generic.RarDrop.B found...
« Reply #1 on: Oct 30^th, 2007, 10:57pm »

Quote

Modify

Welcome to the forum rozybear1 Wink

Quote:

Found trojan file: C:\Documents and Settings\Rozanne\Desktop\SmitfraudFix\exit.exe (Zapchast.135)

The SmitfraudFix item can be ignored. SmitfraudFix uses some of the same tactics in its cleaning that criminals use in their attack software. TH picks up on that and generates the Zapchast.135 alert. You may wish to remove the SmitfraudFix file from your desktop. It is best to download a new copy of it when you need it....there might be revisions to it in the latest version of it.

Quote:

Found trojan file: C:\Program Files\WinRAR\ (Generic.RarDrop.B)
Found trojan file: C:\Program Files\WinRAR\Zip.SFX (Generic.RarDrop.B)

These two WinRAR detections look like they are false positives. Would you please submit Default.SFX and Zip.SFX to Mischel Internet Security for analysis. The link below describes how to submit.

http://www.misec.net/forum/board/FAQ/1139308293

Gavin or Magnus will analyze them and get back to you. I suspect they are False Positives.

IP Logged

______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!

Gavin_Coe
Trojan Analyst

Posts: 1990

Re: Zapchast.135 / Generic.RarDrop.B found...
« Reply #2 on: Oct 31^st, 2007, 5:59pm »

Quote

Modify

Is it the right version, and updated ? I updated that Zapchast.135 detection (it should detect as RiskTool.ExitProcess.100)

IP Logged

siliconman01
Global Moderator

Trojans! Chew 'em Up, Spit 'em Out...

Gender: male

Posts: 5603

Re: Zapchast.135 / Generic.RarDrop.B found...
« Reply #3 on: Nov 1^st, 2007, 6:31am »

Quote

Modify

Rozybear1,

You probably need to manually update to the latest rulesets. LiveUpdate is not active on the trial version of TrojanHunter. Go to the link below to obtain the latest rulesets.

http://www.misec.net/trojanhunter/updating/

IP Logged

______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!