Jump to content


Photo

False Pos? / Iptray Dep Error After Viewing Quarantine


  • Please log in to reply
3 replies to this topic

#1 Geek4AllSeasons

Geek4AllSeasons

    Member

  • Members
  • PipPip
  • 16 posts
  • LocationNew Jersey

Posted 24 March 2011 - 11:27 PM

ClamAV for Windows 2.0.17 complained about detecting W32.Trojan.11EB while Firefox was downloading:
Software Informer download: AccountView

I allowed the file to be quarantined. Then sent the quarantined file to VirusTotal and Jotti for scanning. The only scanning engine that reported malware was Avir. It was the first time this file had been scanned by any engine.

The file is 1,109KB, exceeding the 500KB max. Please let me know how to send it. I guess it can be accessed directly from the link above.

I want/need the program, but concerned that it is 0 day threat.

It maybe coincidental, Windows XP SP3 reported a DEP exception for iptray a minute or two after browsing the quarantine for info about the files.

thanks

david
david

#2 Guest_Orlando_*

Guest_Orlando_*
  • Guests

Posted 25 March 2011 - 12:48 PM

My advice is to install Immunet Protect 3. Then I reported and it will be fixed in a few hours.

Orlando

#3 Geek4AllSeasons

Geek4AllSeasons

    Member

  • Members
  • PipPip
  • 16 posts
  • LocationNew Jersey

Posted 29 March 2011 - 09:58 PM

Ok, will install the new version.

I have been getting other false positives. Just now ClamAV for Windows would not let me download:
mingw-get-inst-20110316.exe from Sourceforge. It would quarantine the file and I couldn't click restore fast enough for the download to succeed.

Maybe options could be adjusted, but it makes more sense to install the new version first.

I didn't receive notification of your reply. I thought I selected that option.
david

#4 Geek4AllSeasons

Geek4AllSeasons

    Member

  • Members
  • PipPip
  • 16 posts
  • LocationNew Jersey

Posted 29 March 2011 - 11:50 PM

Ok, will install the new version.

I have been getting other false positives. Just now ClamAV for Windows would not let me download:
mingw-get-inst-20110316.exe from Sourceforge. It would quarantine the file and I couldn't click restore fast enough for the download to succeed.

Maybe options could be adjusted, but it makes more sense to install the new version first.

I didn't receive notification of your reply. I thought I selected that option.


Version 3.0 worked! It didn't complain about mingw-get-inst. For now I'll assume it corrects other recent false positives.

It seems to be faster/less resource intensive. (Yeah!) Total boot/login time appears to be faster. Maybe overall system responsiveness, too.

After the initial restart, Windows Explorer crashed twice and Total Commander croaked once. Much too soon to tell who's not behaving. The system config is a little hairy. There are 97 processes running now, which is typical.
david




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users