Jump to content

2 FP's


Tigger93

Recommended Posts

Passed along from another Expert.

http://forums.techguy.org/malware-removal-...e-positive.html

C:\WinFinView.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\winzip81.exe (Trojan.Agent) -> Quarantined and deleted successfully.

The poster has Finale Viewer and WinZip version 8.1, which are the programs these files/installers are associated with

Link to post
Share on other sites

Here is the deal with these . Files that start with "win" in root replicate multiple infections and that is why they get hit . If the user has put files named lsass.exe or explorer.exe in root they would also have been hit .

Here are my choices :

1. Remove these defs and unprotect many thousands of people .

2. Ask the user to whitelist .

3. Ask the user to use a more conventional download location .

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.