Trojan horse PSW.Generic6.AQPD

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by GermWarfare, Nov 14, 2008.

  1. GermWarfare

    GermWarfare Private E-2

    Hello:

    Today, my wife called me and had AVG informing her of a threat, which she is having problems getting removed. She is bringing her notebook to me in a little bit, but an hour afterward, I got an alert for the following threat on my notebook WHILE CONNECTED TO HOME VIA VPN (which I am thinking is the same thing she is having):

    Trojan horse PSW.Generic6.AQPD
    C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe

    This info is from the "vault"; however, on the initial popup, I thought the filename was spelled differently, like "Flash Util10a.exe" or "Flash Util 10a.exe" (note the spaces).

    Of note, neither of us are noticing any "Problems", but my wife did get an email yesterday that employed somewhat of a phishing tactic that she unwittingly checked out, which I scolded her for... lol.

    On some Google searching, I find reference that this is a "false positive"

    I have TWO QUESTIONS:

    (1) How does one find out if something like this is really a "false positive"?

    (2) If I find this really is a true threat:

    - I can deal with these two notebooks (they are backed up daily and so I can just re-image them from some point last week or so; no problem)

    - But, my BIGGEST concern is: I have a Windows Home Server at home (the HP EX475); and I am 'thinking' that to explain why both of us would have this same threat is if it was spread through my home network, and so... HOW do I even start investigating my server for any problems? Or is this even something to worry about?

    You may be aware that WHS isn't usually set up with any antivirus/antispyware/etc. - although I did install the trial version of McAfee that became available a month ago.

    Thanks!
     
  2. GermWarfare

    GermWarfare Private E-2

    Yeah, so I am finding posts all over the place that this is a known False Positive (since 11/14/2008?). Something to do with an auto-updater (which would make sense, since both our computers are similarly set up).

    So, things should be cool.
     
  3. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Yes, this is a false positive and it has been resolved. See the thread below for more information.

    The best way is to post in a Malware Removal forum like this one because we usually stay up-to-date on these issues. We are usually the first to see it and know what to look for.

    http://freeforum.avg.com/read.php?4,156257,156326#msg-156326
     
  4. GermWarfare

    GermWarfare Private E-2

    Thanks a Ton for confirming this!
     
  5. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    You're Welcome!
     
