zxcdsa Posted September 16, 2010 ID:314276 Share Posted September 16, 2010 This file is part of a legitimate install of WinRAR from their website.File name:Zip.SFXSubmission date:2010-09-16 04:22:02 (UTC)Current status:queued queued analysing finishedResult:1/ 43 (2.3%)http://www.virustotal.com/file-scan/report...57d2-1284610922 Link to post Share on other sites More sharing options...
nosirrah Posted September 16, 2010 ID:314279 Share Posted September 16, 2010 This should be fixed. Link to post Share on other sites More sharing options...
zxcdsa Posted September 16, 2010 Author ID:314280 Share Posted September 16, 2010 This should be fixed.I hope so, a more definite answer would help, but tank you! Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314395 Share Posted September 16, 2010 Is not fixt now, always the same by me. MAM Link to post Share on other sites More sharing options...
nosirrah Posted September 16, 2010 ID:314406 Share Posted September 16, 2010 Is not fixt now, always the same by me. MAMPlease post your scan log. Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314422 Share Posted September 16, 2010 ...here is a developer log of Malwarebytes' Anti-Malware, i hope that help Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314444 Share Posted September 16, 2010 And now ?mbam-log-2010-09-16 (18-23-22).txtArt des Suchlaufs: Vollst Link to post Share on other sites More sharing options...
Staff shadowwar Posted September 16, 2010 Staff ID:314454 Share Posted September 16, 2010 Please post the full log with the def version in it. Thanks. Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314459 Share Posted September 16, 2010 That was not the full log, of the developer mode ?Ok, we start again.Here the log:Malwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatenbank Version: 4629Windows 5.1.2600 Service Pack 3Internet Explorer 8.0.6001.1870216.09.2010 18:23:22mbam-log-2010-09-16 (18-23-22).txtArt des Suchlaufs: Vollst Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314461 Share Posted September 16, 2010 Ok, i understand now, sorry that was my fault MAM Link to post Share on other sites More sharing options...
nosirrah Posted September 16, 2010 ID:314462 Share Posted September 16, 2010 Please zip and a attach a copy of Zip.SFX, yours must be different. Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314464 Share Posted September 16, 2010 Please zip and a attach a copy of Zip.SFX, yours must be different.Ok, here i am again....Here are the result Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314477 Share Posted September 16, 2010 And now what shall i do ?MAM Link to post Share on other sites More sharing options...
FrankieHi Posted September 16, 2010 ID:314489 Share Posted September 16, 2010 Hi, I have the same problem described by MAM...Same file (C:\Programmi\WinRAR\ZIP.SFX), same result (Backdoor.Bot), same version of Mbam (Malwarebytes' Anti-Malware 1.46) and same definition ver (Versione database: 4629)In this moment the file is quarantined.I'll wait for news Regards Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314500 Share Posted September 16, 2010 Hi, I have the same problem described by MAM...Same file (C:\Programmi\WinRAR\ZIP.SFX), same result (Backdoor.Bot), same version of Mbam (Malwarebytes' Anti-Malware 1.46) and same definition ver (Versione database: 4629)In this moment the file is quarantined.I'll wait for news RegardsHello, i must ask you, this the same result from virustotal.com too, as me ?MAM Link to post Share on other sites More sharing options...
nosirrah Posted September 16, 2010 ID:314513 Share Posted September 16, 2010 Everyone has permission to upload ZIP files, there are no restrictions to anyone. Look at the use above in this post. They ZIPPED and attached the same file. Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314519 Share Posted September 16, 2010 Hello, why are you using not the download link in my posting #12 ?Sorry i can Link to post Share on other sites More sharing options...
FrankieHi Posted September 16, 2010 ID:314527 Share Posted September 16, 2010 Hello, i must ask you, this the same result from virustotal.com too, as me ?Yes, the result was 1/ 43 (2.3%) --> McAfee-GW-Edition 2010.1C 2010.09.16 Heuristic.BehavesLike.Win32.Suspicious.HEveryone has permission to upload ZIP files, there are no restrictions to anyone. Look at the use above in this post. They ZIPPED and attached the same file.Ok, I'm sorry. This the first post for me File zipped and attached:ZIP.zipThank you in advanceRegards Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314528 Share Posted September 16, 2010 Ok it Link to post Share on other sites More sharing options...
nosirrah Posted September 16, 2010 ID:314530 Share Posted September 16, 2010 If you rename its extension to .zip or .txt you will be able to attach it, I will fix it on my end.You do not actually need to zip the file, only the extension needs to be .zip so renaming will work. Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314531 Share Posted September 16, 2010 Is this the right one now ?I renamed to'.txt.MAM Link to post Share on other sites More sharing options...
nosirrah Posted September 16, 2010 ID:314533 Share Posted September 16, 2010 Yes, the result was 1/ 43 (2.3%) --> McAfee-GW-Edition 2010.1C 2010.09.16 Heuristic.BehavesLike.Win32.Suspicious.HOk, I'm sorry. This the first post for me File zipped and attached:ZIP.zipThank you in advanceRegardsThanks for the file, this will be fixed in about 5 minutes. Link to post Share on other sites More sharing options...
MAM Posted September 16, 2010 ID:314534 Share Posted September 16, 2010 I have zipped, before i am renaming to .txt.MAM Link to post Share on other sites More sharing options...
FrankieHi Posted September 16, 2010 ID:314536 Share Posted September 16, 2010 Thanks for the file, this will be fixed in about 5 minutes.Thank you so much for your quickness and professionality.Do I have to wait for an uptade now, right?Regards Link to post Share on other sites More sharing options...
FrankieHi Posted September 16, 2010 ID:314539 Share Posted September 16, 2010 Ok nevermind The update has come and now zip.sfx is not detected as a backdoor!Just a question, just for knowledge... was that file a real false positive then?Thank you so much for your help Best Regards, Francesco Link to post Share on other sites More sharing options...
Recommended Posts