LS Albin

Members
  • Content Count

    262
  • Joined

  • Last visited

Community Reputation

0 Neutral

2 Followers

About LS Albin

  • Rank
    Former Lavasoft Staff
  1. Hi ! The file will be removed from detection as of the next definition file release. Thanks for your report Albin Lavasoft Malware Labs
  2. Hi ! Smss.exe is a malicious file. I couldn't extract the archive for svchost.exe. I guess you typed some wrong letter in the password. The password should be infected. My assumption is that svhost.exe is a malicious file aswell. Thanks for your report Albin Lavasoft Malware Labs
  3. [quote name='Un1man' post='121200' date='Jul 16 2010, 12:49 AM']Hi, Since I don't have access to the suspected files, I copied their paths from the quarantine. I hope that's helpful.[/quote] Hi! It would be nice if it was possible to get hold of the actual files. I don't believe this is fp's, smss.exe and svchost.exe should not be located in: c:\system volume information\_restore{d5fffa500b1b}. I can't tell you for sure until we get hold of the files. Thanks Albin Lavasoft Malware Labs
  4. Hi! You can submit the detected files in this thread. It would be helpful so we could look further into this issue. Here is instructions how to post a FP: [url="http://www.lavasoftsupport.com/index.php?showtopic=18033"]http://www.lavasoftsupport.com/index.php?showtopic=18033[/url] Thanks Albin Lavasoft Malware Labs
  5. Hi! This is not a false positive. Thanks for your report Albin Lavasoft Malware Labs
  6. [quote name='Un1man' post='121043' date='Jul 13 2010, 12:10 AM']Hi, Ad-Aware detects two processes: [b]smss.exe [/b] and [b]svchost.exe[/b] as Trojan.Win32.Generic!BT . I've tried quarantining and deleting these files, but they still appear after reboot. Sound has disappeared on my computer and I get a login window to sign in as a user on my computer even when I never created any alternative users. So I think I really have a trojan virus. Any help in deleting it is appreciated![/quote] Hi! This is a forum dedicated to false positive issues. Please use this link for more help: [url="http://www.lavasoftsupport.com/index.php?showforum=61"]http://www.lavasoftsupport.com/index.php?showforum=61[/url] Thanks Albin Lavasoft Malware Labs
  7. Hi again! You could always right click on cncs32.dll and look in properties, (Created or Modified date stamp). This may give an indication when you were infected. Thanks Albin Lavasoft Malware Labs
  8. [quote name='colt1986' post='120108' date='Jun 9 2010, 06:48 AM']I am wondering whether this detected file is a false positive. cncs32.dll was identified as Win32.TrojanSpy.Banker. I am using Ad-Aware 8.2.4. I have included the scan log and a zip copy of the file (password: infected). Thanks for your help.[/quote] Hi colt1986 ! The file is not a false positive. I recommend you to quarantine the file. Thanks for your detailed report. Albin Lavasoft Malaware Labs
  9. Hi speeder! We will look into this issue. It would be helpful if you could attach a scan report and a detected file in this thread. Thanks Albin Lavasoft Malware Labs
  10. Hi! Can you please tell me the name of the application and where to download it, so we can analyze further. Thanks for your scan-report and attached file. Albin Lavasoft Malware Labs
  11. [quote name='Specter' post='119325' date='Apr 28 2010, 07:09 PM']Hey, you can find the website and its program here: [url="https://www.isbank.com.tr/Internet/index.aspx?langcode=en-US&width=1280&height=990"]https://www.isbank.com.tr/Internet/index.as...&height=990[/url] I uploaded the files I found with the password infected Thanks.[/quote] Hi Specter! We will look into this issue and if it turns out to be a FP it will be removed from detection as of the next definition release. Cheers Albin Lavasoft Malware Labs
  12. [quote name='joyfule' post='119324' date='Apr 28 2010, 06:12 PM']I'm trying desperately to remove TeamViewer 4. Everytime I click the uninstall, the Ad-Watch Live Alert pops up and blocks the process. Here is the verbiage: "Ad-Watch Live! has blocked the process uninstll.exe(172( from starting on your system. The process has been identified as Trojan.Win32.Generic!BT How can I get around this to uninstall the TeamViewer? I've already tried to right click on the icon and disable the ad-watch live. What else can I do?[/quote] Hi joyfule! Can you please attach the detected file in this thread. Here is the instructions for posting a FP: [url="http://www.lavasoftsupport.com/index.php?showtopic=18033"]http://www.lavasoftsupport.com/index.php?showtopic=18033[/url] Thanks Albin Lavasoft Malware Labs
  13. Hi sprstock! It turned out to be a FP. The fix will be inlcuded in the next def release (0149.0195). Thanks Albin Lavasoft Malware Labs
  14. Hi navegante =) The file has now been removed from detection. The fix will be included in the next definition release (0149.0195). Cheers Thanks for your report it was really helpful to solve this issue. Lavasoft Malware Labs
  15. [quote name='Thelemming' post='118582' date='Apr 3 2010, 07:37 PM']i've been with e-trends for years and had the module on my White list all went ok till the newest version of Ad-Aware 8.NN, then it started being flaged been adding it to the White List and that made no different I upgraded to version 8.2.2 hoping it might work still no dice. E-Trends sent me a email that they are merging with Opinion Square and Down Load the Module from there, and uninstall the one from e-trends; which I did. Attaching the latest two logs. Attaching a zipped copy of the module.[/quote] Hi! Thanks Thelemming! We will investigate this issue and remove the file from detection if it turns out to be a fp. Albin Lavasoft Malware Labs