  TR8
join:2002-12-15 USA
| Questions about KIS detected Trojan
detected: riskware Worm.generic
Running process: C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
I just got Roadrunner today. I got this message as I was adding 4 new email accounts to Outlook and sending test emails to myself. I was also doing a live chat with the tech support at Road Runner at the same time. KIS said it neutralized the trojan and then anti hacker firewall said, The application OUTLOOK.EXE has been changed and asked if I should block it and I said yes. It is extremely rare I get attacked. Did KIS get confused and make a false detection because of the multiple email changes with confirming emails? Did the Road Runner chat window open things up or what? In any case, I would like to know what happened and if I need to do anything to shore up my defenses. I ran a full scan with KIS and Adaware and Spybot with no threats detected. Using WIN XP PRO, updated. Firefox browser updated. Thank you for help. |
|
  amysheehan Premium,VIP,MVM join:1999-12-21 Huntington Beach, CA
·RoadRunner Cable
1 edit | said by TR8: detected: riskware Worm.generic Running process: C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE I just got Roadrunner today. I got this message as I was adding 4 new email accounts to Outlook and sending test emails to myself. I was also doing a live chat with the tech support at Road Runner at the same time. KIS said it neutralized the trojan and then anti hacker firewall said, The application OUTLOOK.EXE has been changed and asked if I should block it and I said yes. It is extremely rare I get attacked. Did KIS get confused and make a false detection because of the multiple email changes with confirming emails? Did the Road Runner chat window open things up or what? In any case, I would like to know what happened and if I need to do anything to shore up my defenses. I ran a full scan with KIS and Adaware and Spybot with no threats detected. Using WIN XP PRO, updated. Firefox browser updated. Thank you for help.
Most likely [especially IF you used the RoadRunner tool to set up the new email accounts in Outlook] this is a False Positive - The RR tool probably set off the firewall alert as well.
EDIT TO ADD: Link re: RR install-kit info: »Road Runner HSI Forum FAQ »Is the RR software required?
-amy-
 -- DSLR Phishtracker |
|
  norwegian Premium join:2005-02-15 Outback
·WestNet Broadband
| reply to TR8 I would say it is alerting to the fact Outlook.exe wasn't configured, then when you configured it to allow traffic to your account, it changed so it was an alert to that. As Amy suggested, it may be the tool.
Also by the alert you have "potentially dangerous software" checked in the malware categories, as riskware alerts do not show up when this box is not checked. As it mentioned an account was created, and emails were sent, KIS thought it better alert you.
Hope this helps explain.
-- The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke |
|
  TR8
join:2002-12-15 USA
| reply to amysheehan Most likely [especially IF you used the RoadRunner tool to set up the new email accounts in Outlook] this is a False Positive - The RR tool probably set off the firewall alert as well.
EDIT TO ADD: Link re: RR install-kit info: »Road Runner HSI Forum FAQ »Is the RR software required?
-amy-
 I purposefully avoided using any RR tool and did not install any RR software. |
|
  TR8
join:2002-12-15 USA
| reply to norwegian I had previously been receiving email in Outlook from a Covad account. I did not use the RR tool or install any software. KIS did say it was riskware, but it also said it neutralized the trojan and the application OUTLOOK.EXE has been changed. It does seem like a false positive, but the thing that was odd was that I have added email accounts before with no alerts. Perhaps it was different this time because I added 4 email accounts all in a row. |
|
  amysheehan Premium,VIP,MVM join:1999-12-21 Huntington Beach, CA
·RoadRunner Cable
| reply to TR8 Are there any events logged with more details about the AV alert re: Trojan and/or the firewall activity?
 -- DSLR Phishtracker |
|
  norwegian Premium join:2005-02-15 Outback
·WestNet Broadband
1 edit | reply to TR8 It could well have been the window to the tech team, being as they would have been playing with your account from the ISP's end, logs?
Because it could well have been very realistic, not all tech support is legit, it's human nature. No pun intended to those that work honest legitimate businesses and have morals.
The simple fact you have multiple accounts opened in a time frame may be a setting issue, email settings aren't used in this house, so I can't elaborate. Maybe have a chat at the forums if you are serious about what happened, but the riskware category is exactly that, a maybe/maybe not. You have to diagnose more on these issues.
-- The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke |
|