Technician Toolbox - exe file has heu_viper?


4 replies to this topic

#1 Geronimo9

  • Members

Posted 13 March 2015 - 09:34 AM

Hi

I have just downloaded the update and Trend Security have said the technicians_toolbox.exe has a threat attached? Threat heu_viper?

Has anyone else had the same problem?

I am so wary of downloading from any sites and always believed Bleeping Computer to be safe :(





#2 Grinler

    Lawrence Abrams
  • Admin

Posted 13 March 2015 - 10:20 AM

We are still safe :)

Update your defs, looks to be a false positive. See this virustotal report:

https://www.virustotal.com/en/file/f9fafcbca292ce64f728166827eb5c90bef7b339897a93aaaf64a7037bb62151/analysis/

#3 Geronimo9

  • Topic Starter
  • Members

Posted 14 March 2015 - 08:21 AM

Thanks Grinler  :thumbup2: 



#4 RolandJS

  • Members

Posted 15 March 2015 - 12:44 AM

Avast and Emsisoft are fairly assertive, they have flagged good downloads as well. What I've done is exclude my download directories from being scanned. After download[s] complete, and the files are being moved to their respective holding directories, then they are scanned. At least I have a chance to restore & whitelist at that time.


Edited by RolandJS, 15 March 2015 - 12:44 AM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#5 The Feet

  • Members

Posted 15 March 2015 - 07:30 AM

I downloaded it today and gave it a spin.

Useful bit of kit ..... some of the utilities are available in other software, but this ties them together nicely.

If it is getting flagged by your AV it is almost certainly because one of the "tools" grants an elevation to "System"

And if you think that Admin has the highest privileges in the Windows OS ..... think again!

This type of elevation is typical of the behaviour of Rootkits ..... and that is why your Anti-Virus doesn't like it.

If anything, it shows that your AV is "on the case".

I've used several other programs from "Tweaking" and it's all good stuff.

Use them with confidence is my advice .... FWIW  :)

My security routine for ALL downloads is this, regardless of how much I trust the source :-

Scan the local download file with MBAM
Upload it to Virustotal.com
Get the checksum from there, and use a hash tool to check it against your download
...... and of course ..... DON'T trust the MD5 checksum, choose a better one!


Edited by The Feet, 15 March 2015 - 07:35 AM.
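
The checksum step from post #5, as an added example (not part of any poster's message and not BleepingComputer's own code): it takes a bare hex digest or a VirusTotal report URL of the form linked in post #2, hashes the local download, and refuses MD5. The function names are hypothetical, and refusing SHA-1 as well is this example's own choice.

```python
import hashlib
import hmac
import re

# Hex digest length -> hashlib algorithm name.
STRONG = {64: "sha256", 128: "sha512"}
# MD5 is refused per the post; refusing SHA-1 too is this example's assumption.
WEAK = {32: "md5", 40: "sha1"}

# A standalone run of 32..128 hex characters (not part of a longer hex run).
HEX_RUN = re.compile(r"(?<![0-9a-fA-F])[0-9a-fA-F]{32,128}(?![0-9a-fA-F])")


def expected_digest(reference):
    """Extract (algorithm, digest) from a bare hex string or a report URL."""
    match = HEX_RUN.search(reference.strip())
    if not match:
        raise ValueError("no hex digest found in reference")
    digest = match.group(0).lower()
    if len(digest) in WEAK:
        raise ValueError(f"{WEAK[len(digest)]} refused: use SHA-256 or better")
    if len(digest) not in STRONG:
        raise ValueError(f"unrecognised digest length {len(digest)}")
    return STRONG[len(digest)], digest


def file_digest(path, algorithm, chunk_size=1 << 20):
    """Hash the file in chunks so large installers are not read into memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, reference):
    """Return True only if the local file hashes to the referenced digest."""
    algorithm, wanted = expected_digest(reference)
    return hmac.compare_digest(file_digest(path, algorithm), wanted)


if __name__ == "__main__":
    import sys
    ok = verify_download(sys.argv[1], sys.argv[2])
    print("MATCH" if ok else "MISMATCH: do not run this file")
    sys.exit(0 if ok else 1)
```

A match shows only that the local file is byte-identical to the one in the report; whether that file is clean is still the report's verdict.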




