Jump to content


Photo

SvchostAnalyzer False Positve?


  • Please log in to reply
7 replies to this topic

#1 DonZ

DonZ

    Regular Member

  • Honorary Members
  • PipPip
  • 68 posts

Posted 28 April 2012 - 01:27 PM

I downloaded this file this morning from Nueber.com. Norton AV 2012 Insight scan said file was OK.

I came out of standby a short time ago and MBAM Pro flagged it as hueistic as a result of a flash scan. I viewed a couple of forum postings from last year that stated this FP was fixed, Obviously it isn't.

Log attached.

#2 shadowwar

shadowwar

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 5,250 posts
  • Gender:Male

Posted 28 April 2012 - 05:15 PM

There is no log attached. Please attach in a response along with the file please.
Rich Matteo
Research Engineer

staff.png

Follow us: Twitter, Become a fan: Facebook

#3 DonZ

DonZ

    Regular Member

  • Honorary Members
  • PipPip
  • 68 posts

Posted 28 April 2012 - 06:34 PM

Lets try this again. Swore I attached the log the first time

Attached Files



#4 shadowwar

shadowwar

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 5,250 posts
  • Gender:Male

Posted 29 April 2012 - 01:31 PM

can u please attach that file in zip format.

I need the file to fix it and the link you provided doesnt exist.
Rich Matteo
Research Engineer

staff.png

Follow us: Twitter, Become a fan: Facebook

#5 DonZ

DonZ

    Regular Member

  • Honorary Members
  • PipPip
  • 68 posts

Posted 29 April 2012 - 01:41 PM

Here it is

Attached Files



#6 shadowwar

shadowwar

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 5,250 posts
  • Gender:Male

Posted 29 April 2012 - 02:18 PM

This will be fixed shortly.

To let you know this is a def that looks for misplaced files starting with the name svchost ( malware commonly does this) that isnt in the proper windows spot. Most of the time cause its a heuristic it can be simply added to ignore list. I have whitelisted your file for the next update.
Rich Matteo
Research Engineer

staff.png

Follow us: Twitter, Become a fan: Facebook

#7 DonZ

DonZ

    Regular Member

  • Honorary Members
  • PipPip
  • 68 posts

Posted 29 April 2012 - 02:46 PM

Thanks.

I do presently have it in the ignore list.

BTW - this is an excellent utility to determine if all your services are legit. More so now that it works with WIN 7.

#8 shadowwar

shadowwar

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 5,250 posts
  • Gender:Male

Posted 29 April 2012 - 05:56 PM

Yes i ran it and definately useful.

Thanks for reporting!
Rich Matteo
Research Engineer

staff.png

Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users