Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is this file a trojan? I'm not sure TR/ATRAPS.Gen TROJ_GEN.RC9H1L6


  • This topic is locked This topic is locked
2 replies to this topic

#1 GunotGrean

GunotGrean

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:29 AM

Posted 28 December 2012 - 05:23 AM

This is a link of files http://205.196.122.16/3fwno77gf5zg/a3tyeewaau8e099/AlienHack.exe

This file is a hack tools for game (Dota).
My Bitdefender scan result = nothing found

but when I upload this files to virustotal.com
Only 3 scan virus can detect this files as trojan.
This is Virustotal.com scan result

Posted Image
Posted Image
Posted Image
Posted Image
Full link result
https://www.virustotal.com/file/f55dbed1632394e5ba0d8df9625036aa36aaf7ba3a252a8af07725e809dac817/analysis/

Virus name = TROJ_GEN.RC9H1L6 Trojan.ATRAPS TR/ATRAPS.Gen scanned from Antivir/Ikarus/TrendMicro-HouseCall


Is this a trojan? I need to check this before run program.

Because I'd a bad dream with a trojan keylogger in the past . I don't want to be hacked from others agains.

Anyone please help me check this files . Thank you

Edited by GunotGrean, 28 December 2012 - 05:24 AM.


BC AdBot (Login to Remove)

 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:10:29 AM

Posted 28 December 2012 - 05:25 PM

Good evening. :)

new update = new trojan?

Why?????

new update

So can I trust this scan result?

An anti-virus company gets hold of malicious files, examines them, and works out how to instruct their anti-virus program to identify the malicious files in question. If the file has been scanned before, and passed, then you can say that the detection is new, but the file may have been around for some time but not analysed by the security companies.
Although they try their best, sometimes these security companies incorrectly update their AV programs and they identify, as malicious, files that are in fact legitimate - false positive detections. The fact that some scanners report the file as legitimate may be due to the fact that the file is indeed legitimate or these companies may not have analysed this malicious file yet.

Unfortunately unless somebody reverse engineers the file to check whether it is malicious or not, and that's probably not going to happen here, you have limited options:

1) If you know where the file originated and you know others who trust this file then you can ally yourself with them and dismiss the detections as false positives. Bear in mind that a legitimate file can be patched or a malicious file can be given a legitimate file's name, so do make sure that if people vouch for the file's integrity that it is the same file and not just one with the same name.
2) Trust the majority of scanners that don't identify this file as malicious and dismiss the detections as false positives.
3) Contact the person who coded the file and ask them if their file is malicious or not, and then trust them if they say it is legitimate.

Edited by Noviciate, 28 December 2012 - 05:27 PM.
Poor grammar.

So long, and thanks for all the fish.

 

 


#3 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:10:29 AM

Posted 02 January 2013 - 02:31 PM

As this issue appears to have been resolved, this thread is now closed.

So long, and thanks for all the fish.

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users