Reply
Member
Chearcher
Posts: 3

Todo <[ChineseLettering]> What is this?

[ Edited ]

So on startup I found TODO <[CHinese Lettering]>. When I click "Go to file location" it brings me Toshiba Password Utility under Program Files (x86) but it is not visible in the file... Is this a virus logging my password? My laptop has been the only slow one in my house (ping/lag wise), and Norton (both full scan and Power Eraser) found nothing. I ran a CCleaner with no luck. 

 

For now, I have disabled it under Startup in Task Manager, but it isn't in "Change or remove a program"

 

Help please!

Ace Advisor
Jerry_Lippey
Posts: 38,726

Re: Todo <[ChineseLettering]> What is this?

Which laptop? There is a label on the bottom.

 

Can you attach pictures of this?

-Jerry
Member
Chearcher
Posts: 3

Re: Todo <[ChineseLettering]> What is this?

[ Edited ]

This would be the Sattelite L875D - S7332

 

MalwareBytes did not detect anything, neither did Norton again. I have attached a photos of it.

 

Picture

1. It is there, under Startup in Task Manager

2. This is what happens when I Press "Properties"

3. This is what happens when I Press "Open File Location"

 

So yeah, I am running Windows 8, and Windows is up to date.

 

Here is my most recent (performed at 6:30 PM EST) MalwareBytes Log:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

 

Database version: v2013.04.04.07

 

Windows 8 x64 NTFS

 

Internet Explorer 10.0.9200.16721

 

10/25/2013 5:53:09 PM

 

mbam-log-2013-10-25 (17-53-09).txt

 

Scan type: Full scan (C:\|D:\|)

 

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

 

Scan options disabled: P2P

 

Objects scanned: 411178

 

Time elapsed: 1 hour(s), 6 minute(s), 11 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0
(No malicious items detected)

 

Registry Data Items Detected: 0
(No malicious items detected)

 

Folders Detected: 0
(No malicious items detected)

 

Files Detected: 0
(No malicious items detected)

 

(end)

Ace Advisor
Jerry_Lippey
Posts: 38,726

Re: Todo <[ChineseLettering]> What is this?

 

Satellite L875D-S7332

 


C:\Program Files (x86)\TOSHIBA\Password Utility\reg.exe


I have no reason to believe that's not a legitimate Toshiba file. Why do you think so?

 

Is it the Kanji characters that put you off?

 

We have no Toshiba machines here to look at. Perhaps somebody with a similar model reading this thread can check their machine for that.

-Jerry
Member
pnamajck
Posts: 3

Re: Todo <[ChineseLettering]> What is this?

more  importantly … which  retail  outlet  did  you  purchase  this  unit  from ?

Member
Chearcher
Posts: 3

Re: Todo <[ChineseLettering]> What is this?

[ Edited ]

The fact that click "Go To Details" brought me to the Toshiba Password Utility folder made me think it was Toshiba related....

 

**SORRY FOR LATE REPLY**

Ace Advisor
Jerry_Lippey
Posts: 38,726

Re: Todo <[ChineseLettering]> What is this?

Does it make sense that a virus author would bury his stuff in a Toshiba folder?

 

The payoff would be too small.

-Jerry
Member
corye
Posts: 4

Re: Todo <[ChineseLettering]> What is this?

...I have the same sytem as the post author, and i also have this weird file. read on other forums about potentially malicious software. Bought my lappy at an H.H gregg store.