Jump to content


Photo

this is a false positive.

NaverAdminApi Registry Victor Schedule

  • Please log in to reply
2 replies to this topic

#1 kolanp

kolanp

    New Member

  • Translators
  • Pip
  • 17 posts
  • Gender:Male
  • Location:Korea South
  • Interests:Travel & Fishing

Posted 23 April 2012 - 09:37 PM

The detected objects: NaverAdminApi.exe, Registry Victor Schedule.job

NaverAdminApi.exe -> http://naver.com (the popular korean portal site)

Registry Victor Schedule.job > http://www.registryvictor.com (this software is equal to registry winner.)

I think that due to heuristics scanning.

You will need to exclude following files.

The results on Virustotal.com:
C:\Documents and Settings\user\Local Settings\Temp\NVC\NaverAdminApi.exe (Spyware.OnlineGames)
https://www.virustot...sis/1335233679/
C:\WINDOWS\Tasks\Registry Victor Schedule.job (Rogue.RegistryVictor)
https://www.virustot...sis/1335233647/

#2 nosirrah

nosirrah

    Forum Deity

  • Administrators
  • PipPipPipPipPipPip
  • 5,452 posts
  • Gender:Male
  • Location:Northampton, MA USA

Posted 24 April 2012 - 06:55 AM

Registry Victor does not seem to have a good reputation.

http://www.mywot.com...istryvictor.com

Please zip and attach a copy of NaverAdminApi.exe to your next post.
Bruce Harrison
Vice President of Research

Posted Image

Follow us: Twitter, Become a fan: Facebook

#3 nosirrah

nosirrah

    Forum Deity

  • Administrators
  • PipPipPipPipPipPip
  • 5,452 posts
  • Gender:Male
  • Location:Northampton, MA USA

Posted 24 April 2012 - 07:03 AM

Registry Victor seems to be the same app as Registry Winner. This also has a very bad rep:

http://www.mywot.com...istrywinner.com
Bruce Harrison
Vice President of Research

Posted Image

Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users