Jump to content

chaslang

Experts
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral

About chaslang

  • Birthday October 9

Contact Methods

  • Website URL
    http://forums.majorgeeks.com/forumdisplay.php?f=35
  • ICQ
    0
  1. Just telling it like it is which is what all the Security Experts do. Don't spam websites with junk security software and you will not have a problem. ;-) You cannot pull the wool over the eyes of the experts.

  2. Ain't easy promoting when your cutting out m,y legs from under me you know.

  3. Just an FYI for LDTate. MGtools is from forums.majorgeeks.com. REM414 had started another thread there ( see: http://forums.majorgeeks.com/showthread.php?t=230181 ), and I referred him back to his original thread here when I found out about it. I mentioned to him that MGtools pointed out the below which is part of the problem\\.\globalroot\Device\svchost.exe\svchost.exe You can also see the above in the DDS.txt log and thus do not need the MGtools log.
  4. Again yes I understand what you are saying but you are ignoring the fact that you are not declaring other files (EXE, ZIP, RAR) to be problems just because they are located in the root folder. Your logic or the logic of your coding is inconsistent. There is no reason to call winzip120.exe infected because it is in the root folder. If I put a copy of winzip120.exe into the root of C:\Program Files, it is not detected and I also believe that like the C:\ root folder, anything saved in the root of C:\Program File should also be questioned. If I put a valid copy of explore.exe in the root folder you will call it worm.autorun since explorer.exe is not expected in the root folder which is fine. But if I simply rename the valid explorer.exe file to exp1orer.exe and leave it in the root folder. You do not detect it at all and this file name is well known to be a trojan and should be consider a problem no matter what folder it is in. Why detect winzip120.exe which is not a system file and has no fixed place that it must be saved that it must be downloaded to? It is a valid WinZIP installer filename. I don't wish to continue debating this as I understand you have your reasons. I just don't agree with all of the logic and perhaps you should consider additional test methodologies. Thank you for fixing the other false positive so quickly.
  5. Yes I know. I'm an expert in malware removal and run the Malware Removal Forums at Major Geeks! What I'm saying is you cannot declare one thing to be infected when it is not, and then ignore all the others. What is your ignore list based on? No I do not have an infection. It was a file I collected from a user while removing malware where I had determine some of there Windows OS files sizes were wrong. This PC is a PC using for experimenting/debugging.
  6. I normally would not have a problem with this answer since I don't like seeing things stored in the root folder either. However there are quite a few other EXE, RAR, and ZIP files also stored right now in the root folder of this system that Malwarebytes is not complaining about. And in fact one of them is explorer-BAD.exe which is infected with Virut. What is the basis for exception? If you wish to question files in the root folder, then point them out as a potential issue so as to call it to the user's attention to investigate further. Do not point them out as being infected unless they are actually infected.
  7. Noticed the below false positives today: The uninst.bat file and associated registry keys are just for BitDefender V8 Online Scanner. The batch file contains The winzip120.exe file is a corporate installer version of WinZip and even has a Digital Signature stating it is WinZip Computing
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.