False Positive Trojan.Win32.Generic.pak!cobra ?


4 replies to this topic

#1 walk123

    Newbie

  • Members
  • 2 posts

Posted 27 March 2011 - 04:18 PM

Hi,

I’m using XP-SP3 with Ad-Aware free 9.0.2 (updated today) and it just found the malware Trojan.Win32.Generic.pak!cobra in
c:\programme\acd systems\acdsee\acdsee.exe
c:\dokumente und einstellungen\jens\anwendungsdaten\microsoft\installer\{24561814-4815-4387-ac59-05ddec5af013}\arpproducticon.exe
c:\system volume information\_restore{45eae84d-b427-416b-9f95-b489f266fdad}\rp240\a0135071.exe
c:\system volume information\_restore{45eae84d-b427-416b-9f95-b489f266fdad}\rp247\a0135566.exe

Other anti-malware software like Avira Antivir Personal free, Antivir DE Cleaner and Malwarebytes’ Anti-Malware (all with latest releases and updated today) didn’t find any suspicious items.

After completely uninstalling the ACDSee software and installing it again, the virus came up again. Now all detected files are in the quarantine folder.

Please advise if the detected malware is really there or if it is a False Positive.

Enclosed you can find the log files and the zipped quarantine files. Please tell me if you need anything else.

Thanks a lot for your assistance.

#2 LS Andy

    Lavasoft Staff/Forum Overlord

  • Root Admin
  • 1427 posts

Posted 27 March 2011 - 06:10 PM

Hi walk123,

Thanks for your post. These files will be re-investigated. We'll post the results here.

Regards,

Andy
Lavasoft Malware Labs
irc.geekshed.net /join #MalwareLab

Twitter: @LSAndyB
unsolicited@tenalia.com

#3 psvd

    Newbie

  • Members
  • 1 posts

Posted 28 March 2011 - 02:11 PM

Hey Lavasoft,

I have the exact same report as the topic starter.
XP pro SP3, ACDSee 4.0

I hope it's a False Positive.

Regards, Peter

Edited by psvd, 28 March 2011 - 02:13 PM.


#4 LS Andy

    Lavasoft Staff/Forum Overlord

  • Root Admin
  • 1427 posts

Posted 29 March 2011 - 08:07 AM

Hi walk123,

These FPs have been removed from detection - thanks for the report.

Regards,

Andy
Lavasoft Malware Labs
irc.geekshed.net /join #MalwareLab

Twitter: @LSAndyB
unsolicited@tenalia.com

#5 walk123

    Newbie

  • Members
  • 2 posts

Posted 29 March 2011 - 07:23 PM

Hi Andy,

I'm really very glad to hear that these are False Positives!

Many thanks for your help.

Regards
walk123



