Please tell me these are false postives

lawsoncb · #1 08-21-2007, 03:22 PM

Here is a little larger image(Same as above)

lawsoncb · #2 08-21-2007, 03:26 PM

3rd scan in the administrator account come back with the User/Chris threats but still did not heal them

running online Trend micro scan

psionic storm · #3 08-21-2007, 03:45 PM

that screenshot doesnt say much, post binaries for someone to look at.

lawsoncb · #4 08-21-2007, 03:48 PM

binaries?

im_not_1337 · #5 08-21-2007, 03:47 PM

Looks like its a false positive and im pretty sure thats what it is. However, i guess it is remotely possible that it is legitimate malware, although i really doubt it.

Upload it to:
Jotti's online malware scanner:http://virusscan.jotti.org/
and Virustotal.com:http://www.virustotal.com/

Post the results and we'll take a look

lawsoncb · #6 08-21-2007, 04:08 PM

[ QUOTE ]
Looks like its a false positive and im pretty sure thats what it is. However, i guess it is remotely possible that it is legitimate malware, although i really doubt it.

Upload it to:
Jotti's online malware scanner:http://virusscan.jotti.org/
and Virustotal.com:http://www.virustotal.com/

Post the results and we'll take a look

[/ QUOTE ]

Thanks,

Any way to upload the files that were healed that are in the Virus Vault

lawsoncb · #7 08-21-2007, 05:34 PM

[ QUOTE ]
Looks like its a false positive and im pretty sure thats what it is. However, i guess it is remotely possible that it is legitimate malware, although i really doubt it.

Upload it to:
Jotti's online malware scanner:http://virusscan.jotti.org/
and Virustotal.com:http://www.virustotal.com/

Post the results and we'll take a look

[/ QUOTE ]

I tried these but were unable to get them to work.

virusscan.jotti- said uploading for 10 mins and then went to server busy pleas try again later.

virustotal- tried uploading for about 5 mins and said the files were to big

I am only able to upload the files that were not healed. The User/Chris files.

I scanned the followinfg folders with Kaspersky Online Scan and all came up clean.
dell\drivers
User\Chris
Program Files\InstallShield Installation Information (this is from the first scan that I do no have the screenshot from)

UbinTook · #8 08-21-2007, 06:16 PM

update all your virus definitions, retstart the computer in safemode and rescan and see what appears.

lawsoncb · #9 08-21-2007, 09:42 PM

[ QUOTE ]
update all your virus definitions, retstart the computer in safemode and rescan and see what appears.

[/ QUOTE ]

Found all the same threats in C:User\Chris as above. These were still not cleaned, deleted, or moved to the vault.

lawsoncb · #10 08-21-2007, 10:29 PM

[ QUOTE ]
Looks like its a false positive and im pretty sure thats what it is. However, i guess it is remotely possible that it is legitimate malware, although i really doubt it.

Upload it to:
Jotti's online malware scanner:http://virusscan.jotti.org/
and Virustotal.com:http://www.virustotal.com/

Post the results and we'll take a look

[/ QUOTE ]

I restored one of the files from the vault and scanned it with both of these.

File C:\dell\drivers\R139937\ISSetup.dll

On both scans AVG was the only one that detected anything