Antidust.exe - What is this?

[aduman]

Hi everyone! I just stumpled upon this file. It's located under Program Files(x86) and I have no idea what it is. Tried googling but surprisingly couldn't find anything! File info shows this:

 

forum.simplix.ks.ua/viewtopic.php?id=423

 

Scanned with nod32 and SpyBot but turned out clean. Malwarebytes has no clue either. Curiosity took over and I clicked it but nothing happened. Really scared right now. Need your help!

 

EDIT: Should I delete it or let it stay quarantined?

[Tedster]

Yup, it seems kinda scary. I'm not sure what it is, but I'd personally do my best to remove it.

 

Some of the text on the page: https://forum.simplix.ks.ua/viewtopic.php?id=423translates to not a valid topic etc, meaning that whatever content was there has been removed.

• http://www.removewindowsspyware.com/fixerror-exe/antidust.exe.htmlsays it's a trojan
• http://www.highpcspeed.com/errors-exe/antidust.exe.htmlsays it's a trojan too
• http://www.removeonline.com/antidust-exe/says it's a 'malicious application that can infect your computer and make it almost unusable' 
• http://www.solvusoft.com/en/files/error-virus-removal/exe/windows/windows-software-developer/antidust-tool/antidust-exe/says it's 'a type of EXE file associated with AntiDust tool developed by Windows Software Developer for the Windows Operating System." Blahblahblahblah, security rating "unknown"...

The more I look at these the less I want to trust any of these sites. FreeFixer is probably some sort of terrible adware, and their site says this:

[Akolyte]

Is it in a folder?  What does the folder say, does it give any clues.  

 

My advice, download Process Explorer and enable virus total.  Get it uploaded and scanned while you watch it.  Use Autoruns, see if its got any startup entries. 

 

If it does, if it doesn't have a folder.  Thats suspicious.  If its not for Windows, delete the damn thing.  (making a restore point beforehand of course) 

[aduman]

Yup, it seems kinda scary. I'm not sure what it is, but I'd personally do my best to remove it.

 

I did delete it but quarantined beforehand if that makes a difference lol

[aduman]

Is it in a folder?  What does the folder say, does it give any clues.  

 

My advice, download Process Explorer and enable virus total.  Get it uploaded and scanned while you watch it.  Use Autoruns, see if its got any startup entries. 

 

If it does, if it doesn't have a folder.  Thats suspicious.  If its not for Windows, delete the damn thing.  (making a restore point beforehand of course) 

 

It has no folder. Sits right under ProgramFiles(x86). I created a restore point before clicking it. I uploaded the file to virustotal before starting the thread, only two antiviruses tagged it as trojan.

[Akolyte]

I did delete it but quarantined beforehand if that makes a difference lol

Quarantined is better imo.  Essentially disabling the file and everything it does.  Better than just deleting it, then you can fully research it till you know what it is.  

 

 

It has no folder. Sits right under ProgramFiles(x86). I created a restore point before clicking it. I uploaded the file to virustotal before starting the thread, only two antiviruses tagged it as trojan.

 

What engines were they?  

 

Pls send me the virustotal report I should take a look at this.  i might report it to AVG. 

[Counter-Strike Player]

[edit] let's see the virustotal results page

[aduman]

https://www.virustotal.com/en/file/5690f3d97e0c2b4831df4aa4238eaef5be3992e3ff8e26b60bba00bf587e3783/analysis/

 

Here it is.

 

Process explorer crashes after 10/15 secs. This is getting scarier.

[aduman]

Quarantined is better imo.  Essentially disabling the file and everything it does.  Better than just deleting it, then you can fully research it till you know what it is.  

 

 

 

What engines were they?  

 

Pls send me the virustotal report I should take a look at this.  i might report it to AVG. 

 

 

[edit] let's see the virustotal results page

 

I just did, forgot to quote

[Akolyte]

I just did, forgot to quote

Thanks, I'll boot up a vm and check this out. 

[aduman]

Thanks, I'll boot up a vm and check this out. 

 

Thanks! Do you have any advice for me? I'm sh*tting my pants over here.