|
Posted by Keith Woolf on November 19, 2006, 8:58 am
If you were Registered and logged in, you could reply and use other advanced thread options >
> | Version 1.22 picks up C:\Program Files\Adobe\Adobe Help
> | Center\Browser\es262-32.dll as "a possible infection with
> | Backdoor:Win32/Hackdef.L".
> |
> | The automatic Quick Scan from MS Update does not flag this file, only
> the
> | user initiated Enhanced Scan. Version 1.21 does not flag this file and
> two
> | independent virus scanners similarly do not flag it.
> |
> | The file appears to be an unmodified 'genuine Adobe article'. Can anyone
> | confirm or deny that this is a False Positive?
> |
> | Keith Woolf
> |
>
> Please submit a sample of "es262-32.dll" to Virus Total --
> http://www.virustotal.com/flash/index_en.html
> The submission will then be tested against many different AV vendor's
> scanners.
> That will give you an idea what it is and who recognizes it. In addition,
> unless told
> otherwise, Virus Total will provide the sample to all participating
> vendors.
>
> You can also submit a suspect, one at a time, via the following email
> URL...
> mailto:scan@virustotal.com?subject=SCAN
>
> When you get the report, please post back the exact results.
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
Report Update
I have now run the full user initiated scan using the 'new?' version of 1.22
and it now reports 'nothing found'.
Incidentally the 'new' version 1.22 is 1.22.1632.0 with a modified date of
15 Nov 06 21.20.40 while the 'old' one was 1.22.1630 - I've 'lost' the
modified date because I deleted the file before thinking!
I did click the 'tell Microsoft' button when the 'suspicious' file was
flagged so I presume MS had a look and tweaked the MRT.
I am now feeling fairly confident that it was a False Positive. Am I living
in my usual 'fools paradise'?
Thanks for your help; I have bookmarked the VirusTotal site in case I have
more problems.
Cheers,
Keith Woolf
| 
XML site map