LS.Andy

Root Admin
  • Content count

    1,330
  • Joined

  • Last visited

  • Days Won

    43

LS.Andy last won the day on January 12

LS.Andy had the most liked content!

Community Reputation

79 Excellent

About LS.Andy

  • Rank
    Lavasoft Staff/Forum Overlord

Profile Information

  • Location
    Gothenburg

Recent Profile Visitors

5,049 profile views
  1. Hi igornn, If you're reporting a false positive, can I ask you to read the guide for reporting false positives here and upload the requested info please? Thanks, LS Andy Lavasoft Malware Lab
  2. LS.Andy

    JS:Trojan.JS.Agent.SAP

    No need to worry abut your passwords, although, this might be a good opportunity to consider setting different passwords for all your online accounts and setting up 2 Factor Authentiction on any of your accounts that provide it, if you haven't done so already. This site lists services that support 2 Factor Authentication, so if you use any of these services, it's recommended to enable it: https://twofactorauth.org/ I use KeePassX as my password manager and Authy to keep track of 2 Factor Authentication tokens. KeePassx: https://www.keepassx.org/ Authy: https://authy.com/
  3. LS.Andy

    JS:Trojan.JS.Agent.SAP

    Hi PEllis, Thanks for uploading the file. This appears to include a cryptocurency miner script (multiple references to CryptoNight, typically used when mining Monero) that runs when visiting the web page. These pages usually run the script without the user's consent, which is why it is included in the detection database. As an aside, it looks like, more AVs have started to detect it: https://www.virustotal.com/#/file/576dbb37512721bd5eb744ee1a9049a09648f4099bc082cd87b78c78b402068f/detection
  4. LS.Andy

    JS:Trojan.JS.Agent.SAP

    Can you upload the file to this thread please?
  5. LS.Andy

    False Positive - RGL-Email

    Thanks for your report, kres0345. The file is no longer being detected. Regards, Andy Adaware Malware Lab
  6. LS.Andy

    False positive

    Hi sayatoosoft, Thanks for your report. The file SayaSub2.exe (md5: f7ef21ea45882fff513cdb5c96fe2c13) is no longer being flagged by Adaware. Regards, Andy Adaware Malware Lab
  7. LS.Andy

    false positive on runmaj.exe

    Hi mcoueron, Sorry for the late reply. We've just migrated to a new version of the forum software and we're having some unexpected issues with settings that didn't migrate properly, like file uploads not being permitted and email alerts on new posts not being sent. In the meantime, can you post a link to the file that's being blocked so I can download and check it out? Thanks, Andy Lavasoft Malware Lab
  8. Hi olegas22, The detection is a false positive and has been fixed. Thanks for your report. Regards, Andy Lavasoft Malware Lab
  9. LS.Andy

    Curse Application Being Blocked

    Hi rickvoid, Thanks for the additional information. If I've understood correctly, Ad-Aware isn't alerting that it has blocked files, rather, Ad-Aware appears to be conflicting with the Twitch app and stopping it from running: .. and when you kill Ad-Aware, Twitch runs: I was able to recreate this and I've notified the development team about this for investigation. Thanks for letting us know. Regards, Andy Lavasoft Malware Lab
  10. Hi olegas22, Thanks for letting us know. We'll re-investigate and report back here. Regards, Andy Lavasoft Malware Lab
  11. LS.Andy

    Curse Application Being Blocked

    Hi, In order to recreate the problem, I need to first install the application that Ad-Aware is interfering with. Can you provide an exact link where I can download the application, or upload the installer here please? Thanks, Andy Lavasoft Malware Lab
  12. LS.Andy

    Curse Application Being Blocked

    Hi synchtw, Thanks for your report. I haven’t been able to recreate the problem. When I visit curse.com it invites me to download the Twitch Desktop app, which, when I install, installs without any problems or alerts from Ad-Aware. Can you describe the steps I need to take to recreate the problem? Thanks, Andy Lavasoft Malware Lab
  13. LS.Andy

    False positive KA Lite

    Hi Homeschooled, The detection of the file is a false positive and has been removed from detection. Regards, Andy Lavasoft Malware Lab
  14. LS.Andy

    False positive KA Lite

    Please compress the file with Winzip/Winrar/7zip or similar before uploading.
  15. LS.Andy

    False positive KA Lite

    Hi Homeschooled, You can remove the file from quarantine by: clicking Scan Computer on the icon list on the left side of the GUI scrolling down to Quarantined Files clicking View selecting the file you want to restore and hit Restore You can add the file to the exclusion list by going into Manage Exclusions, just above Quarantined Files. When you've restored the file, can you upload it here so I can check it out? Thanks, Andy Lavasoft Malware Lab