Jump to content

Zegost32 Trojan Detected in OneDrive by VirusTotal


Recommended Posts

I am not using OneDrive and even disabled it. However, Virus Total has detected Trojan[Backdoor]/Win32.Zegost for the file for the computer desktop username. Maybe this might be the reason for a prolonged previous search into another virus topic related one month ago about monero virus CPU mining which came back negative. Also coming back negative are antivirus scans. The process seems to start with lsass.exe. Here is the Virus Total link- https://www.virustotal.com/gui/file/08dd848ee20d671560f0db814368322387b2739be3b428484dd6a429338a9191/detection

Link to post
Share on other sites

This looks like a False Positive by Antiy-AVL.

First Submission  2019-11-12

If it was malware, in the time that has transpired, the detection rate would be much higher.  This is bolstered by the fact it is a Microsoft digitally signed file.

 

Link to post
Share on other sites

I just saw in System Information that my Desktop Laptop Platform Role is Mobile. To confirm my suspicions, in autoruns I get multiple drivers some Intel, Realtek and a majority of Samsung Android USB port, Samsung Android Device, Samsung USB Mobile Logging Device Driver etc. even though my HP laptop is not connected in any way with Samsung.To be Mobile, Transient Multi Monitor(TMM) must be enabled, thereby increasing the likelihood of a remote trojan monitoring my device.

Link to post
Share on other sites

  • 5 weeks later...
  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.