LS.Andy

Root Admin

Everything posted by LS.Andy

  1. The detection is a false positive and will be removed from the detection database as of an update to be released today. Thanks for your report, Andy Lavasoft Malware Lab
  2. Hi SML-QA, Thanks for letting us know. We'll re-investigate and report back here. Regards, Andy Lavasoft Malware Lab
  3. Hi LiteManager, This was indeed a false positive and has been removed from detection. Thanks for your report. Regards, Andy Lavasoft Malware Lab
  4. Hi, Thanks for letting us know. We'll check it out and report back here. Regards, Andy Lavasoft Malware Lab
  5. Hi istok20, The routine causing the detection has been removed. Thanks for your report. Regards, Andy Lavasoft Malware Lab
  6. Hi istok20, Thanks for the report. We'll check it out and get back to you here. Regards, Andy Lavasoft Malware Lab
  7. Hi LiteManager, I think you have us confused with AVware - our product is Ad-Aware. I don't know if this is very helpful - their site is in Portuguese - but here's their support page: http://www.avware.com.br/suporte-tecnico.php Andy Lavasoft Malware Lab
  8. Hi Ashish, Thanks for your report - we'll check it out and get back to you. Andy
  9. Hi Michael, Thanks for letting me know about the new files - they've been removed from detection. Andy
  10. Hi SOFTLAVA, Sounds like you're having some problems - can you give me some details so I can help you out? Thanks, Andy Lavasoft Malware Lab
  11. Hi Michael, The detection is a false positive and will be removed within the next few updates. Andy Lavasoft Malware Lab
  12. I was able to recreate the detection with the correct file. I'll send this to the false positive team and report back here when I get the result.
  13. I can see the problem now - we're looking at different files. The sha256 for the file submitted to Virus Total is not the same as for the file I downloaded from https://correlog.com/Download/co-5-6-3.exe. VT file hash: 34eed7d4b0f4ac49affa3a56d789d326daa6f9ea8acaef4c77933476d00dcfa4. From URL: 9cc3ba54b08be7b21b9e52c8b48d281e8e7797b90f0d5de6d6bf13698a7e3d3d. I'll download the file from Virus Total and check it out.
  14. Hi Michael, I'm still unable to recreate the detection using Ad-Aware. I ran several scans against the file: scanning the file itself; extracting the contents and scanning them; installing the application and running a full system scan ... and nothing was flagged. Can you provide the Virus Total link that shows the detection? That will give me the hash of the file being flagged - I can check if that file exists on my machine after installing CorreLog. I'm not quite sure what to make of Virus Total's response. They use the command line version of Ad-Aware that has the same definition files as the regular GUI version. They will most certainly keep it updated with the latest definition files, so if they are still seeing the Trojan.Zmutzy.802 flag, I should see it too. If you can post the Virus Total link, that will give me something to go on. Thanks, Andy
  15. Hi Correlog, The detection is (obviously!) a false positive and will be removed from detection. Thanks for letting us know. Regards, Andy Lavasoft Malware Lab
  16. Hi again, The three files were not detected in my test. Either they've been removed from detection already or I'm not testing the correct files. I downloaded UMove1718.exe (md5: 13a6b127f1a9b85f56d2afee83ab9782) from hxxp://download.algintech.com/UMove1718.exe and extracted the contents. Here are the md5s of the corresponding files you mentioned: 56ce0748feed9b6caaa2e39f04350cf1 AECOMDLL.dll; 0c336651bea70ecb063b33abbf75a7e4 UMove64.msi; e275b936a42bca0e52a504c1c3dc184a UMove.msi. Can I ask you to verify that the files are no longer detected, or upload a zip file containing the detected files to this thread? Thanks, Andy Lavasoft Malware Lab
  17. Hi UTools, Thanks for letting us know. We'll check this out and report back here. Regards, Andy Lavasoft Malware Lab
  18. Hi Correlog, Thanks for letting us know. We'll investigate and report back here. Regards, Andy Lavasoft Malware Lab
  19. Hi Valera, Thanks for your upload. I rarely check this forum, so can I ask you to upload malware samples to http://lavasoft.com/support/securitycenter/file_upload.php instead? Uploads are collected automatically and checked. Thanks! Andy Lavasoft Malware Labs
  20. Hi Valera, Thanks for your upload. I rarely check this forum, so can I ask you to upload malware samples to http://lavasoft.com/support/securitycenter/file_upload.php instead? Uploads are collected automatically and checked. Thanks! Andy Lavasoft Malware Labs
  21. Hi Moise, I wasn't able to recreate a detection on any of the files in either the PSB.zip file or the PSB Support Files archive. You can see the files that I checked in the attached CSV. Can you upload the files that were detected please? Thanks. Andy Lavasoft Malware Lab AA_Scan_Results.csv.zip
  22. Hi Moise, Thanks for letting us know. I'll have this checked out and report back here. Regards, Andy Lavasoft Malware Lab
  23. Hi again, The detection is a false positive and will be fixed as of an update to be published today. Regards, Andy Lavasoft Malware Lab
  24. Hi sayatoosoft, Thanks for letting us know. We'll re-investigate and report back here. Regards, Andy Lavasoft Malware Lab
  25. Hi, The application is detected as a Possible Unwanted Application because on a clean, freshly installed OSX, it shows thousands of insubstantial system problems, asking for a payment to resolve them. User feedback is also taken into account when categorising applications. You can read about people's experiences with the application on other forums, here, for example: https://discussions.apple.com/thread/7135825?tstart=0 Andy Lavasoft Malware Lab