Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Norton Antivirus Identifies System Files As Trojan Horses


  • Please log in to reply
4 replies to this topic

#1 wth0808

wth0808

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 01 August 2008 - 09:48 PM

Hi everyone -

I just ran Norton antivirus and it identified the following files as trojan horses. Also, Norton was unable to delete the files. When I did a search for these executables, they look like system files that should not be deleted. Is it possible that these system files have been compromised? I'm guessing that if I delete them it will hose my computer. Thanks in advance.

lgfxtray.exe
jusched.exe
SynTPEnh.exe
SynPPLpm.exe

Just curious...I see a lot of views and no responses...is that because this is a really stupid question? :thumbsup:
Any recommendations on what I should do?

Thanks

Edited by wth0808, 02 August 2008 - 07:16 AM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,272 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:07 AM

Posted 02 August 2008 - 07:51 AM

Determining whether a file is malware or a legitimate process sometimes depends on the location (path) it is running from. One of the ways that malware tries to hide is to give itself the same name as a critical system file. However, it then places itself in a different location on your computer. A file's properties may give a clue to identifying it. Right-click on the file, Properties and examine the General and Version tabs.

You can download and use Process Explorer, AnVir TaskManager Free or System Explorer to investigate all running processes and gather additional information to identify and resolve problems. These tools will show the process CPU usage, a description and its path location. If you right-click on the file in question and select properties, you will see more details about the file.

If you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to jotti's virusscan or virustotal.com. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
-- Then post back with the results of the file analysis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 wth0808

wth0808
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 02 August 2008 - 12:29 PM

Thanks so muchy for the information! I will give these a shot.

#4 wth0808

wth0808
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 02 August 2008 - 12:40 PM

Thanks so muchy for the information! I will give these a shot.

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,272 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:07 AM

Posted 02 August 2008 - 02:25 PM

Not a problem.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users