Both Avira and Malwarebytes claiming GamersGate patches are Trojans
in [Spyware]
|
Prev: Another Crock Of Fuvg Spyware Program
Next: Both Avira and Malwarebytes claiming GamersGate patches areTrojans
From: Wile E. Coyote on 2 Dec 2009 21:48 David H. Lipman wrote: > I'll tell 'ya what. Upload the files to http://www.uploadmalware.com/ > > Mark in the submission that they are FPs for me. I will provide them to Malwarebytes and > Avira personnel for their inspection. > No registration is needed to submit files at UploadMalware.Com . > OK, done. I didn't provide real email address so post back here what you find, thanks.
From: Wile E. Coyote on 2 Dec 2009 21:52 Buffalo wrote: > virustotal.com > > Thanks. Here are the results, some say Trojan but most don't. Antivirus Version Last Update Result a-squared 4.5.0.43 2009.11.30 - AhnLab-V3 5.0.0.2 2009.11.30 - AntiVir 7.9.1.79 2009.11.30 TR/Pasta.eoa Antiy-AVL 2.0.3.7 2009.11.30 Trojan/Win32.Pasta.gen Authentium 5.2.0.5 2009.11.30 - Avast 4.8.1351.0 2009.11.30 - AVG 8.5.0.426 2009.11.30 - BitDefender 7.2 2009.11.30 - CAT-QuickHeal 10.00 2009.11.30 Trojan.Pasta.dkb ClamAV 0.94.1 2009.11.30 - Comodo 3091 2009.11.30 - DrWeb 5.0.0.12182 2009.11.30 - eSafe 7.0.17.0 2009.11.30 - eTrust-Vet 35.1.7148 2009.11.30 - F-Prot 4.5.1.85 2009.11.30 - F-Secure 9.0.15370.0 2009.11.29 - Fortinet 4.0.14.0 2009.11.30 W32/Pasta.EOA!tr GData 19 2009.11.30 - Ikarus T3.1.1.74.0 2009.11.30 - Jiangmin 11.0.800 2009.11.29 - K7AntiVirus 7.10.906 2009.11.27 - Kaspersky 7.0.0.125 2009.11.30 Trojan.Win32.Pasta.eoa McAfee 5818 2009.11.30 - McAfee+Artemis 5818 2009.11.30 Artemis!1A016F11A071 McAfee-GW-Edition 6.8.5 2009.11.30 Trojan.Pasta.eoa Microsoft 1.5302 2009.11.30 - NOD32 4649 2009.11.30 - Norman 6.03.02 2009.11.30 - nProtect 2009.1.8.0 2009.11.28 - Panda 10.0.2.2 2009.11.30 Suspicious file PCTools 7.0.3.5 2009.11.30 - Prevx 3.0 2009.11.30 High Risk Cloaked Malware Rising 22.24.00.09 2009.11.30 - Sophos 4.48.0 2009.11.30 - Sunbelt 3.2.1858.2 2009.11.29 Encrypted Archive Symantec 1.4.4.12 2009.11.30 - TheHacker 6.5.0.2.081 2009.11.28 Trojan/Pasta.axh TrendMicro 9.100.0.1001 2009.11.30 - VBA32 3.12.12.0 2009.11.30 Trojan.Win32.Pasta.diq ViRobot 2009.11.30.2062 2009.11.30 - VirusBuster 5.0.21.0 2009.11.30 Trojan.Pasta.AQS Additional information File size: 2715977 bytes MD5 : 1a016f11a0717b459971d4ecd5f44c7b SHA1 : 1498abb74161f63410fa6a7d9cd3c0f8f592f47a SHA256: ee824066d3be12b704304d1907cb39a9b50bed21c88cfdb56ef85b482c6ecfcf PEInfo: PE Structure information
From: Wile E. Coyote on 2 Dec 2009 21:59 Dustin Cook wrote: > I'm sorry our software has caused you such a hassle. If you'd be willing > to post on the forums we maintain, we'd be able to get those issues > cleared up for you faster (most likely) than doing it yourself and > spending those hours.. wasted. With that said, we don't intentionally > detect legimitate software. Many reasons do exist for that occasionally > occuring. We are quick to correct them, when/if we find out they exist. > :) Usenet really isn't the best way for us to monitor that however. > I have heard several people make remarks like so and so company isn't > going to like this. Evidently, you seem to be under the mistaken > impression that so and so company has anything to do with our decision to > or not to add something to the database. In this case, it's most likely a > false positive and not intentional on our part. However, please don't > mistakenly assume we will bow to pressure from any company; It doesn't > work that way. > > > I was very tired and over-reacted, sorry. I don't get enough sleep and it makes me irritable when I don't. It's not just your prog that is detecting the Trojan any way and quite a few are but not the majority of scanners. I posted the results in a post a few up but it is a bit of a mess to read due to formatting when posting plain text from HTML. I will consider joining Malwarebytes forum because I wanted to ask why the right click context menu doesn't show in Vista/Win7 anyway.
From: David H. Lipman on 2 Dec 2009 23:19 From: "Wile E. Coyote" <coyote(a)ACME.invalid> | David H. Lipman wrote: >> I'll tell 'ya what. Upload the files to http://www.uploadmalware.com/ >> Mark in the submission that they are FPs for me. I will provide them to Malwarebytes >> and >> Avira personnel for their inspection. >> No registration is needed to submit files at UploadMalware.Com . | OK, done. I didn't provide real email address so post back here what you | find, thanks. Got it ~2.6MB installer. It's late for me so I hope you don't mind I work on this Tomorrow, Thursday 12/3. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Wile E. Coyote on 3 Dec 2009 06:01
David H. Lipman wrote: > Got it ~2.6MB installer. It's late for me so I hope you don't mind I work on this > Tomorrow, Thursday 12/3. > OK, no rush as I am fairly sure it is just false positive but quite a lot of scanners flagged it as a Trojan at that multiple scanner site so need to be 100% certain about the file. |