Tigger93 Posted July 28, 2008 ID:23956 Share Posted July 28, 2008 Passed along from another Expert.http://forums.techguy.org/malware-removal-...e-positive.htmlC:\WinFinView.exe (Trojan.Agent) -> Quarantined and deleted successfully.C:\winzip81.exe (Trojan.Agent) -> Quarantined and deleted successfully.The poster has Finale Viewer and WinZip version 8.1, which are the programs these files/installers are associated with Link to post Share on other sites More sharing options...
nosirrah Posted July 28, 2008 ID:23970 Share Posted July 28, 2008 I will see if I can reproduce these , I may have fixed them already . Link to post Share on other sites More sharing options...
nosirrah Posted July 28, 2008 ID:23971 Share Posted July 28, 2008 Here is the deal with these . Files that start with "win" in root replicate multiple infections and that is why they get hit . If the user has put files named lsass.exe or explorer.exe in root they would also have been hit .Here are my choices :1. Remove these defs and unprotect many thousands of people .2. Ask the user to whitelist .3. Ask the user to use a more conventional download location . Link to post Share on other sites More sharing options...
Tigger93 Posted July 28, 2008 Author ID:23983 Share Posted July 28, 2008 Ok, will pass along. Thanks. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now