8 replies to this topic

[BWarriner]

The latest build (11614?) caught this .exe which I believe is part of the ERUNT backup registry tool.

Skipped items:
Description: c:\windows\erdnt\4-5-2011\erdnt.exe Family Name: FraudTool.Win32.AVSoft (v) Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: 89afdd29832aa923926bdd4b5f5243d5

Attached Files

•  Scan_2012-03-02-17-03-34.log   38.72K   1 downloads
•  ERDNT.zip   151.57K   1 downloads

[akcan]

AD-AWARE Pro caught this Trojan(?) during a deep scan today and i don´t have ERUNT on my computer.

[CeciliaB]

Hi akcan,

Many files can be reported as FraudTool.Win32.AVSoft(v) and only a few are false positives. Please, follow the guide http://www.lavasofts...showtopic=18033 to give Lavasoft all the information they need to be able to investigate if it is a false positive in your case.

[BWarriner]

Cecilia, can you respond to my original query please?

[akcan]

HI!
Unfortunately i have already removed the file. It seems to be rather complicated to send the information to Lavasoft.
Why not just dubbelclic the Ad-Awareicon on the clipboard and then go to "quarantine"?

[BWarriner]

akcan, can you please create a separate thread for your issue so I can get a more expedited response for mine?

[CeciliaB]

Cecilia, can you respond to my original query please?

Sorry BWarriner, I don't do malware research. I have not seen LS Andy in the forum this week, he probably has missed your post and I will send him an email.

[LS Andy]

Hi BWarriner,

Thanks for your report. This was a false positive and will no longer be detected by Ad-Aware. Please update your definition file.

Regards,

Andy
Lavasoft Malware Labs

[BWarriner]

Thanks.