Tigersmind
Joined: 17 Nov 2009
Posts: 0
Posted: Tue Nov 17, 2009 6:52 pm
I play a game with my wife called World of Padman. I needed to do a re-install and out of habit I scanned the files again. This time I got a warning the patch file was infected with a trojan.
I would just not worry and delete the game, but my wife and I both have installed this game. Virustotal and Jotti limit the file size to much less than this file. It's 63.3 meg so that's out. Any help or advice would be greatly appreciated.
This is the report I saved:
Scan Started Tue Nov 17 10:33:47 2009
-------------------------------------------------------------------------------
C:\Documents and Settings\HP_Owner\Desktop\New Folder\wop_patch_1_2.exe: Trojan.Downloader.Zlob-1565 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 650843
Engine version: 0.95.3
Scanned directories: 1
Scanned files: 3
Infected files: 1
Data scanned: 300.05 MB
Data read: 671.85 MB (ratio 0.45:1)
Time: 65.375 sec (1 m 5 s)
--------------------------------------
Completed
--------------------------------------
GuitarBob
Joined: 09 Jul 2006
Posts: 9
Location: USA
Posted: Tue Nov 17, 2009 9:26 pm
Trojan.Zlob-1565 was added last night. The signature is based on the primary executable in the file. The size of the sample file used for the signature was 153587. It was found to be infected by 33 of 41 antiviruses that it was checked with, including Symantec, Microsoft, and NOD32. What's interesting is that many of the 33 AVs seemed to have a different name for it. Sometimes the executable can include an installer or other file section that is used by a "good" file and there can be a false positive--there's nothing stopping a virus writer from using other people's work.
If you can't upload the file anywhere, see if you can get an MD5 hash and enter that in a Google search. Sometimes that will help you find if a file is infected--providing someone else has put the file on the internet somewhere. If you don't have any luck, you could download Malwarebytes' free antivirus program and scan the file with it or you could check your entire computer with an online scan--I would try NOD32's or Trend Micro's.
Please get back here with results.
Regards,
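The hash lookup suggested in the reply above, as an added example that is not part of the original thread: this Python sketch pulls each FOUND line out of a saved ClamAV report like the one in the first post and hashes the flagged file in chunks, so a file too large to upload can still be searched for by hash. The function names are illustrative, and computing SHA-1 and SHA-256 alongside MD5 goes beyond what the post mentions.

```python
import hashlib
import re

# clamscan prints one line per detection: "<path>: <signature> FOUND"
DETECTION = re.compile(r"^(?P<path>.+): (?P<sig>\S+) FOUND$")

# Report excerpt copied from the first post in this thread.
SAMPLE_REPORT = r"""Scan Started Tue Nov 17 10:33:47 2009
-------------------------------------------------------------------------------
C:\Documents and Settings\HP_Owner\Desktop\New Folder\wop_patch_1_2.exe: Trojan.Downloader.Zlob-1565 FOUND
----------- SCAN SUMMARY -----------
Infected files: 1
"""

def parse_detections(report):
    """Return (path, signature) pairs for every detection line in the report."""
    hits = []
    for line in report.splitlines():
        m = DETECTION.match(line.strip())
        if m:
            hits.append((m.group("path"), m.group("sig")))
    return hits

def file_digests(path, algos=("md5", "sha1", "sha256"), chunk=1 << 20):
    """Hash a file in 1 MiB chunks so a large installer is never held in memory whole."""
    hashers = {a: hashlib.new(a) for a in algos}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {a: h.hexdigest() for a, h in hashers.items()}

if __name__ == "__main__":
    import os
    import sys
    # Pass the saved report file as the first argument; falls back to the sample.
    report = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    for path, sig in parse_detections(report):
        print(f"{sig}  {path}")
        if os.path.isfile(path):
            for algo, digest in file_digests(path).items():
                print(f"  {algo}: {digest}")
        else:
            print("  (file not present on this machine, nothing hashed)")
```

The printed digests can be pasted into a search engine or a scanner site's hash search without uploading the file itself.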
Tigersmind
Joined: 17 Nov 2009
Posts: 0
Posted: Wed Nov 18, 2009 12:05 am
Thanks for the reply. I ran F-Secure's bootable CD scanner and then Malwarebytes' Anti-Malware. Both return that the file (and my system) is clean.
I figure at this point it is a false positive. Thanks for the help, I wanted to be sure since my wife and I both had run this file on our computers.