1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Malwarebytes

Discussion in 'General Security' started by avalonaz, Dec 18, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. avalonaz

    avalonaz Thread Starter

    Joined:
    Dec 18, 2011
    Messages:
    3
    Hi, I just ran Malwarebytes and it found one malicious software. "Pup.SmsPay.pns" from c:\Users\Alana\downloads\installer_arcsoft_photoimpression_6_5_gold_english.exe

    The Malwarebytes program did nothing with this. Should I ignore, or remove?

    Thank you and Merry Christmas :). Alana
     
  2. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    6,230
    Where did you download that installer from? Is it from P2P like torrents, eDonkey etc ?
     
  3. Cheeseball81

    Cheeseball81 Moderator Malware Specialist

    Joined:
    Mar 3, 2004
    Messages:
    83,940
  4. Snagglegaster

    Snagglegaster Banned

    Joined:
    Sep 12, 2006
    Messages:
    1,906
    I think I'd go ahead and remove this file. Frankly, I have no idea what a .pns file is, except for some humorous ideas, and who knows how many points those would get me? But the issue that makes me extremely suspicious is that doing a search for "pns file extension" only seems to get results to REALLY dubious web sites, rather than legitimate sites that explain system processes, file extensions etc. So I'd have to think this is probably malware inserted into legitimate program files. Worst case scenario would be that you might have to re-install one program. So, yes, I would kill it.
     
  5. avalonaz

    avalonaz Thread Starter

    Joined:
    Dec 18, 2011
    Messages:
    3
    Thank you for all your responses. I don't know where this comes from, or when it was downloaded. I've run both http://virusscan.jotti.org/en and http://www.virustotal.com/
    The results of virusscan.jotti has all negative results except for one...

    [FONT=&quot]ESET[/FONT]
    [FONT=&quot]2011-12-18 Win32/Toggle[/FONT]


    [FONT=&quot]And virustotal.com found all negative except for three findings...[/FONT]
    eSafe
    7.0.17.0
    2011.12.18
    Virus in password protected archive

    McAfee
    5.400.0.1158
    2011.12.19
    Artemis!3A9D0B2861F8

    NOD32
    6722
    2011.12.19
    Win32/Toggle

    So is this a virus or just a part of a program?

    It is times like these that I wish I knew much more about computer programs.

    Thanks again. Alana
     
  6. Cheeseball81

    Cheeseball81 Moderator Malware Specialist

    Joined:
    Mar 3, 2004
    Messages:
    83,940
    I would just have MalwareBytes quarantine and then delete it.
     
  7. Snagglegaster

    Snagglegaster Banned

    Joined:
    Sep 12, 2006
    Messages:
    1,906
    Well, let's see. What's the downside to ignoring the file if it is indeed malware? Well, there's no good malware, right? So you don't want to keep it even if you aren't sure how nasty it is. The flip side is that if the file is a false positive, and you remove it, perhaps nothing much happens. In a worst case scenario, you might have to re-install whatever Arcsoft program the file belongs to. But seriously none of the sites that came up when I searched this extension were legit sites that identify file extensions, etc. That just screams malware. So I just don't see how your choice here can be difficult. Remove it.
     
  8. avalonaz

    avalonaz Thread Starter

    Joined:
    Dec 18, 2011
    Messages:
    3
    Thank you for such prompt help here, I have deleted and quarantined, so guess I will find out the next boot up what happens. This may be a very good thing. Merry Christmas. Alana
     
  9. Snagglegaster

    Snagglegaster Banned

    Joined:
    Sep 12, 2006
    Messages:
    1,906
    Merry Christmas to you, and welcome to Techguy, by the way!
     
  10. Cheeseball81

    Cheeseball81 Moderator Malware Specialist

    Joined:
    Mar 3, 2004
    Messages:
    83,940
    Welcome and Happy Holidays :)
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1031802