Avast is blocking my Toshiba updater from running? Image attached.

I’ve attached a screenshot of the pop-up I’m getting. It pops up about once a minute or once every two minutes. This just started this morning. How do I get the software to allow it rather than block it?

trying to scan it with wepawet, i get “Invalid hostname” and down for every one say toshibapc.com is dead

http://www.downforeveryoneorjustme.com/http://www.toshibapc.com/swupgrades/ping.htm

and urlquery does not display much…click the picture in top right corner
http://urlquery.net/report.php?id=14589

Thank you very much, Pondus. The first link you provided did show me that toshibapc.com is down, but then Avast blocked the URL when I clicked on the site link. The 2nd link worked, as well. Do I have to just wait for the site to come back up before the pop-ups will stop or is there a way to simply stop this particular notification?

well…avast block it as a Malware URL… why? and why is the link down?
is the site hacked, and down for cleaning?..or is this a avast False Positive ?

upload suspicious file(s) ( C:\Toshiba\IVP\ISM\pinger.exe ) to www.virustotal.com and test with 43 malware scanners
when you have the result, copy the url in the address bar and post it here for us to see

alternative
Jotti http://virusscan.jotti.org/en
VirSCAN http://virscan.org/
Metascan http://www.metascan-online.com/

Hi Pondus,

It is also mentioned in this authentication fail list: https://cacti.eepis-its.edu/sarg3/Weekly/2011Jan29-2011Jan29/authfail.html

polonus

MODIFIED: I reanalyzed it and the result was exactly the same as the report from 12/13/2011 that I posted below…

Here is what virustotal.com provided. This is the product of the last report, which was made on 12/13/2011. One of the 43 virus scans found a trojan:

Antivirus Version Last Update Result
AhnLab-V3 2011.12.12.00 2011.12.12 -
AntiVir 7.11.19.74 2011.12.13 -
Antiy-AVL 2.0.3.7 2011.12.13 Trojan/Win32.Delf.gen
Avast 6.0.1289.0 2011.12.12 -
AVG 10.0.0.1190 2011.12.12 -
BitDefender 7.2 2011.12.13 -
ByteHero 1.0.0.1 2011.12.07 -
CAT-QuickHeal 12.00 2011.12.12 -
ClamAV 0.97.3.0 2011.12.12 -
Commtouch 5.3.2.6 2011.12.13 -
Comodo 10935 2011.12.13 -
DrWeb 5.0.2.03300 2011.12.13 -
Emsisoft 5.1.0.11 2011.12.13 -
eSafe 7.0.17.0 2011.12.11 -
eTrust-Vet 37.0.9620 2011.12.13 -
F-Prot 4.6.5.141 2011.12.12 -
F-Secure 9.0.16440.0 2011.12.13 -
Fortinet 4.3.388.0 2011.12.13 -
GData 22 2011.12.13 -
Ikarus T3.1.1.109.0 2011.12.13 -
Jiangmin 13.0.900 2011.12.12 -
K7AntiVirus 9.119.5661 2011.12.12 -
Kaspersky 9.0.0.837 2011.12.13 -
McAfee 5.400.0.1158 2011.12.13 -
McAfee-GW-Edition 2010.1E 2011.12.12 -
Microsoft 1.7903 2011.12.12 -
NOD32 6705 2011.12.12 -
Norman 6.07.13 2011.12.12 -
nProtect 2011-12-12.01 2011.12.12 -
Panda 10.0.3.5 2011.12.12 -
PCTools 8.0.0.5 2011.12.13 -
Prevx 3.0 2011.12.13 -
Rising 23.88.00.02 2011.12.12 -
Sophos 4.72.0 2011.12.13 -
SUPERAntiSpyware 4.40.0.1006 2011.12.13 -
Symantec 20111.2.0.82 2011.12.13 -
TheHacker 6.7.0.1.356 2011.12.11 -
TrendMicro 9.500.0.1008 2011.12.13 -
TrendMicro-HouseCall 9.500.0.1008 2011.12.13 -
VBA32 3.12.16.4 2011.12.12 -
VIPRE 11245 2011.12.13 -
ViRobot 2011.12.12.4821 2011.12.13 -
VirusBuster 14.1.112.0 2011.12.12 -

Hi Pondus,

Looking up -www.toshibapc.com
Unable to locate remote host -www.toshibapc.com.
Alert!: Unable to connect to remote host.

lynx: Can’t access startfile -http://www.toshibapc.com/swupgrades/ping.htm
couldn’t read errors from /tmp/html2txt.err.13508.html

polonus

What does this mean to Toshiba users like me? Is there an option to turn off the pop-up for this particular issue?

http://www.bleepingcomputer.com/startups/pinger.exe-4053.html

This program is not required to start automatically as you can run it when you need to. It is advised that you disable this program so that it does not take up necessary resources. The following information is a brief description of what is known about this file. If you require further assistance for this file, feel free to ask about in the forums.
That should do it...until it is fixed

Report False Positive here
http://www.avast.com/contact-form.php?loadStyles

I’m happy to do it if it stops the pop-ups. How?

There should be a thosiba program installed that check for updates…turn it off

I do not know what the name is…look among your installed Thosiba programs

maybe it is this http://download.cnet.com/Toshiba-Drivers-Update-Utility/3000-2094_4-75206691.html

I found it under Programs and Features and there is an option to “Change” or “Uninstall” it. Obviously I won’t Uninstall it, but I’m afraid to click “Change” because I’ve never changed a program before. Will I get a prompt specifying what kind of changes are available to be made?

this FP will be fixed with next VPS update

That is the wrong place to do it…you open the program as you would do with any other program
you should find it under start > all programs…there may be a Thosiba folder where all the thosiba preinstalled programs are in?

anyway…as you see from Max post, this is a FP and will be fixed soon…it may already be when you read this :wink:

Moody,

If you are using Vista, open start and in the Start Search area, type in msconfig then press enter, then continue. This will open up the System configuration box. Click on Services, and scroll down to the middle. You should see pinger checked under the service column. Click on the box to uncheck, then at the bottom click on apply, and you will be prompted to restart your computer.

I had the exact same problem and did this several minutes ago…it disabled pinger at start-up, and so far no problems. Not sure if its an issue with a hijacked url, or something that attached itself to the pinger.exe file.

I hope this helps.

@TomyJ read reply Nr #12 :wink: