Statik

How to tell if a program is malicious?


Posted · Original Poster

Hey all,

 

So I'm scrolling through my task manager just seeing what's all running on my laptop, and I've come across a few things that I don't exactly know what they are. Malwarebytes, Windows Defender, and Superantispyware all show some of them as clean, but is there a way to verify? For instance I have a program called "SHA1:0x608020e9" and opening the file location it's "Intel_PIE_Service.exe" in a folder in my System32 File Repository folder.

 

How do I verify things like this, and verify I don't have any sneaky malware/cryptominers, etc?


Gaming Build:

CPU: Ryzen 7 3800x   |  GPU: Asus ROG STRIX 2080 SUPER Advanced (2115Mhz Core | 9251Mhz Memory) |  Motherboard: Asus X570 TUF GAMING-PLUS  |  RAM: G.Skill Ripjaws DDR4 3600MHz 16GB  |  PSU: Corsair RM850x  |  Storage: 1TB ADATA XPG SX8200 Pro, 250GB Samsung 840 Evo, 500GB Samsung 840 Evo  |  Cooler: CM ML240R  |  Case: Lian Li PC-O11

 

Peripherals:

Monitor: LG 34GK950F  |  Sound: Sennheiser HD 598  |  Mic: Blue Yeti  |  Keyboard: Corsair K95 RGB Platinum  |  Mouse: Logitech G502

 

Laptop:

Asus ROG Zephyrus G15

Ryzen 7 4800HS, GTX1660Ti, 16GB DDR4 3200Mhz, 512GB nVME, 144hz

 

 

1 minute ago, Statik said:

How do I verify things like this, and verify I don't have any sneaky malware/cryptominers, etc?

VirusTotal is probably the closest thing to what you're asking about


"We're all in this together, might as well be friends" Tom, Toonami.

Sorry if my post seemed rude, that is never my intention.

"Why do we suffer a lifetime for a moment of happiness?" - Anonymous

 

Posted · Original Poster
2 minutes ago, minibois said:

VirusTotal is probably the closest thing to what you're asking about

So if a file comes up good there chances are it's good?

 

Just because upon googling "Intel PIE Service" there's a few hits for Cryptominer/spyware, but nothing pops it. It's also been on my computer since May which is right around the time when I picked up my laptop, and it saw very little use until July.


Just now, Statik said:

So if a file comes up good there chances are it's good?

 

Just because upon googling "Intel PIE Service" there's a few hits for Cryptominer/spyware, but nothing pops it. It's also been on my computer since May which is right around the time when I picked up my laptop, and it saw very little use until July.

I am not sure how the virus scanners in VirusTotal do their thing, but it would be pretty naive of them to just simply assume "bad name = bad program".

It's entirely possible it's a real program, just with virus impersonations for it.


Posted · Best Answer

VirusTotal allows you to upload the files to their website where a server on their end will scan the files using various anti-viruses and then their own custom tools to determine what kind of malware the program could hold. Very new (like under 2-3 days old) viruses won't get detected, but you have had this thing since May so if it is malicious it is 100% in the VirusTotal database.

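Added example, not part of any post in this thread: a PowerShell sketch that checks the Authenticode signature of every running executable and computes the SHA-256 that can be searched on VirusTotal instead of uploading the file. Get-ImageTrustReport is a hypothetical helper name, and the script assumes the "File Repository" folder mentioned in the first post is System32\DriverStore\FileRepository.

```powershell
# Added example: signature status and SHA-256 for executables behind running processes.
# Get-ImageTrustReport is a hypothetical helper name, not a built-in cmdlet.
function Get-ImageTrustReport {
    param([Parameter(Mandatory)][string[]]$Path)

    foreach ($file in $Path) {
        # Skip paths that no longer exist or cannot be seen from this session.
        if (-not (Test-Path -LiteralPath $file -PathType Leaf)) { continue }

        $sig  = Get-AuthenticodeSignature -LiteralPath $file
        $hash = Get-FileHash -LiteralPath $file -Algorithm SHA256

        [pscustomobject]@{
            Status        = $sig.Status   # Valid, NotSigned, HashMismatch, ...
            Signer        = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
            # Assumption: the folder from the post is the driver store.
            InDriverStore = $file -like "$env:SystemRoot\System32\DriverStore\FileRepository\*"
            SHA256        = $hash.Hash
            Path          = $file
        }
    }
}

# Every distinct executable behind a running process (an elevated session sees more paths).
$running = Get-CimInstance -ClassName Win32_Process |
    Where-Object { $_.ExecutablePath } |
    Select-Object -ExpandProperty ExecutablePath -Unique

$report = Get-ImageTrustReport -Path $running

# Files without a valid signature are the ones to look at first.
$report | Where-Object { $_.Status -ne 'Valid' } | Format-List

# Full list, for searching individual SHA256 values on VirusTotal.
$report | Sort-Object Path | Format-Table Status, Signer, SHA256 -AutoSize
```

A valid signature whose signer matches the vendor named in the file, together with a hash VirusTotal already knows, is stronger evidence than the file name alone.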
4 minutes ago, minibois said:

I am not sure how the virus scanners in VirusTotal do their thing, but it would be pretty naive of them to just simply assume "bad name = bad program".

It's entirely possible it's a real program, just with virus impersonations for it.

They basically send your file through a pipeline of malware and virus scanners.


Yo, so I have the same exact problem. I have a ROG Zephyrus. Since we have the same program, I doubt it should be a program, because I too saw very little activity. At the same time, I too agree that I got it very recently. So, this shouldn't be an issue!
