

sammysnake
Never Forget 911
Premium
join:2002-01-19
Salt Lake City, UT

 FP with Trojan Hunter?

I just finished updating AVG Free, defs from 8/24/07, and Trojan Hunter, defs from 8/25/07, and while AVG comes up clean Trojan Hunter flags this: Found trojan file: C:\Program Files\Grisoft\AVG Free\avgmvfl.dll (Generic.LdPinch.A)

Anyone else seeing this and is it a FP?

Sammy

MagnusM
Premium
join:2001-07-07
This is almost certainly a false positive. Could you email the file to support@misec.net for analysis?
--
Mischel Internet Security
http://www.misec.net


hayc59
VoodooChild
Premium
join:2001-02-26
In A Dream
reply to sammysnake
Magnus, hello and kudos for stoppin by


sammysnake
Never Forget 911
Premium
join:2002-01-19
Salt Lake City, UT
reply to MagnusM
File sent.

Thanks Magnus.

Sammy

MagnusM
Premium
join:2001-07-07

reply to sammysnake
Thanks, file received and analyzed. This is indeed a false positive and I've uploaded corrected signatures. Run LiveUpdate and this file should no longer be detected on your next scan.
--
Mischel Internet Security
http://www.misec.net


sammysnake
Never Forget 911
Premium
join:2002-01-19
Salt Lake City, UT

1 edit
  Thank you Magnus!


sammysnake
Never Forget 911
Premium
join:2002-01-19
Salt Lake City, UT

reply to MagnusM
Now I get this when I do a full scan with the latest updated defs:

Registry scan
No suspicious entries found
Inifile scan
No suspicious entries found
Port scan
No suspicious open ports found
Memory scan
No trojans found in memory
File scan
Error: Error while scanning C:\DELL\MEDIAEXE\PXCPYI64.EXE: Unknown machine type: 0x200 (C:\DELL\MEDIAEXE\PXCPYI64.EXE)
Error: Error while scanning C:\DELL\MEDIAEXE\PXHELP64.SYS: Unknown machine type: 0x200 (C:\DELL\MEDIAEXE\PXHELP64.SYS)
Error: Error while scanning C:\DELL\MEDIAEXE\PXINSI64.EXE: Unknown machine type: 0x200 (C:\DELL\MEDIAEXE\PXINSI64.EXE)
Error: Error while scanning C:\DELL\PXCPYI64.EXE: Unknown machine type: 0x200 (C:\DELL\PXCPYI64.EXE)
Error: Error while scanning C:\DELL\PXHELP64.SYS: Unknown machine type: 0x200 (C:\DELL\PXHELP64.SYS)
Error: Error while scanning C:\DELL\PXINSI64.EXE: Unknown machine type: 0x200 (C:\DELL\PXINSI64.EXE)
Error: Error while scanning C:\I386\PMSPL.DLL: This is not a PE format
Error: Error while scanning C:\I386\pxcpyi64.exe: Unknown machine type: 0x200 (C:\I386\pxcpyi64.exe)
Error: Error while scanning C:\I386\pxinsi64.exe: Unknown machine type: 0x200 (C:\I386\pxinsi64.exe)
Error: Error while scanning C:\WINDOWS\SYSTEM32\PMSPL.DLL: This is not a PE format
Error: Error while scanning C:\WINDOWS\SYSTEM32\pxcpyi64.exe: Unknown machine type: 0x200 (C:\WINDOWS\SYSTEM32\pxcpyi64.exe)
Error: Error while scanning C:\WINDOWS\SYSTEM32\pxinsi64.exe: Unknown machine type: 0x200 (C:\WINDOWS\SYSTEM32\pxinsi64.exe)
No trojan files found



Mind you.... the files listed above have always been on this machine and have never been flagged before.

Sammy

MagnusM
Premium
join:2001-07-07

reply to sammysnake
Ah... this has to do with support for scanning 64-bit executables that was recently added. The scanner doesn't recognize the machine type flag in the files listed above and throws an error. Of course, that shouldn't be happening so I will fix this ASAP.

If anyone is interested in the technical explanation, the files that give this error are files with machine type IMAGE_FILE_MACHINE_IA64, which is the Itanium architecture. This is separate from the x64 (AMD-64) architecture which is just the regular 64-bit format, which is why it was omitted.

Thanks Sammy for reporting this! I will upload a corrected version to the servers in the next 30 minutes.
--
Mischel Internet Security
http://www.misec.net
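
The header check described in the post above, as an added example that is not part of the original thread and is not TrojanHunter's code: it reads the Machine field from the PE/COFF header, recognises IMAGE_FILE_MACHINE_IA64 (0x200) alongside i386 and AMD64, and returns a per-file verdict for unknown or non-PE input so one file does not abort the scan. The function names and sample file names are hypothetical, and the sample bytes are constructed.

```python
import struct

# Machine values from the PE/COFF specification (winnt.h names).
MACHINE_NAMES = {
    0x014C: "IMAGE_FILE_MACHINE_I386",
    0x0200: "IMAGE_FILE_MACHINE_IA64",   # Itanium, the 0x200 in the scan log
    0x8664: "IMAGE_FILE_MACHINE_AMD64",  # x64
}

def classify_pe(data: bytes) -> dict:
    """Return a verdict for one file image instead of raising on odd input."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return {"status": "skip", "reason": "not a PE format"}
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # PE signature (4 bytes) plus Machine (2 bytes) must lie inside the file.
    if e_lfanew + 6 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return {"status": "skip", "reason": "not a PE format"}
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    name = MACHINE_NAMES.get(machine)
    if name is None:
        # Unknown architecture: report it, but let the scan continue.
        return {"status": "unsupported", "machine": machine,
                "reason": f"unknown machine type: 0x{machine:x}"}
    return {"status": "scan", "machine": machine, "name": name}

def make_stub(machine: int) -> bytes:
    """Constructed sample: minimal DOS header, PE signature, COFF header."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew points past DOS header
    return bytes(dos) + b"PE\0\0" + struct.pack("<H", machine) + bytes(18)

# Constructed inputs (hypothetical file names, not files from the thread).
SAMPLES = {
    "itanium_sample.exe": make_stub(0x0200),
    "x64_sample.exe": make_stub(0x8664),
    "odd_sample.exe": make_stub(0x1234),
    "not_pe_sample.dll": b"plain data, no MZ header",
}

def scan_all(files: dict) -> dict:
    return {path: classify_pe(blob) for path, blob in files.items()}

if __name__ == "__main__":
    for path, verdict in scan_all(SAMPLES).items():
        print(path, verdict)
```
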


sammysnake
Never Forget 911
Premium
join:2002-01-19
Salt Lake City, UT

Thank you again Magnus, all is well in snakeland again as shown:

Registry scan
No suspicious entries found
Inifile scan
No suspicious entries found
Port scan
No suspicious open ports found
Memory scan
No trojans found in memory
File scan
No trojan files found

Sammy


La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
 reply to sammysnake
Wow, talk about a quick response and fix. Awesome!! Just another reason why I like TH.
over 9.5 years online! © 1999-2009 dslreports.com.