LSArtem

Moderator
  • Content Count

    80
  • Days Won

    4

Everything posted by LSArtem

  1. Hello! Please try this:
     1. Reboot your PC.
     2. Turn Off Real Time Protection.
     3. Download archive with miner.
     4. Unpack miner from archive.
     5. Add a folder path with your unpacked miner to Exclusion list.
     6. Stop / Start Antivirus.
     7. Turn On Real Time Protection.
     8. Run Scan of a folder that was added to Exclusion list.
  2. File was added to Exclusion list and we have no detected objects anymore. Do you still have this problem?
  3. We will try to reproduce your situation with detection of this file and we'll let you know the results.
  4. I can suggest that you turn off the Antivirus control + Real Time protection options, then add your file to the Exclusion list and turn ON all your protection again.
  5. Hello! Please send us the version of AdAware that you use. We can't reproduce the detection of this file. Please update your antivirus definitions.
  6. Hello! Please write what version of AdAware you use. We checked on the latest and a file in the Exclusion list was not detected anymore. Also please clarify at what stage your files were detected - after file download or when you start it?
  7. Hello platitude! I can see that your Claymore's miner was detected as "Application.BitCoinMiner.SI". It is a normal situation for miners. You can see in the full report on Virustotal that most well-known antiviruses detect this file (37/65). Also you have two infected objects in your "Downloads" folder:
     - "E:\Downloads\Image-Line.FL.Studio.Producer.Edition v12.5.0.59.Incl.Patch.and.Keygen-R2R.zip" - Gen:Variant.Symmi.64984
     - "E:\Downloads\A319_ROW_DS_S319_161222.zip" - Android Riskware (Android.Monitor.Reaper.A, Android.Riskware.SmsPay.EA, Android.Riskware.SMSSend.gEWPZ)
  8. Hello, The analysis of the file has been completed: This is a bot program for the LMK game. It is clean.
  9. Hello! I can't download your file from this site. Please send it in an archive. Or send us a link to a fileshare.
  10. Hello tommygun28801! First of all, why do you suspect that your computer was infected? If you have a sample of this vbs/worm, please send it to us and we can say for sure what to do to delete all copies of the worm. Or you can send me a PM with a link to the suspicious site. The link that you posted is a generic description of the "vbs/worm" malware type. With such a detection you can find a very big variety of malicious files on the Internet. Before we start to do something please do all these steps
  11. Can you send Powerbasic to check on Virustotal? Or send us the binary or md5 hash.
  12. theogott, is this file just compiled or packed too? I am trying to understand if the compiler can produce a "detected" piece of code or if it is some part of a packer that was detected.
  13. theogott, we investigated your Quarantine and found that most of the binary files are detected as "Gen.Trjoan.Hezr.FU" (as you said). I have several assumptions about this fact:
      - your files began to be detected after compilation
      - your files began to be detected after packing (UPX, anything else)

      Could you send me one compiled file NOT packed or send it to Virustotal for a check?
  14. About this case - I found that the file is detected by a set of AV vendors (https://www.virustotal.com/ru/file/c85f4d3808f975d66b6ca84dad6faa7fde73839cedcd21e6e1cc189c49061a71/analysis/1438937903/). I sent a request for a False Positive for your file "Compile_SPRE.exe".
  15. Please find the folder "<your_disk>:\Users\All Users\Lavasoft\Ad-Aware 11\Quarantine", pack this folder and attach it here. If it is rather big - please share a dropbox link.
  16. Please try to add the folder with the project to Exclusions. And please check if you have the latest definitions. Your file "M42.exe" is clean and is not detected. Please send us several files that were detected as Gen:Trjoan.Hezr.FU. Clarify what version of AAW you use.
  17. Hello theogott! Could you write more about the product that detects your files? What version? Does it detect during installation or downloading the file from the Internet?
  18. I will notify you when I receive an official reply about the termination of the detection for your file. I think it was a Real-time detection as a reaction to an activity of your application.
  19. Please check your application again on virustotal.com. I have such results.
  20. I can add your site to the whitelist after the experts' verdict about your software. By the way, a set of antivirus vendors detect Remote Admin Tools as Riskware and not-a-virus:RemoteAdmin, because your software can be used by attackers and remade for use as a Backdoor. (Sure, in such a case your digital signature will be broken.) So your binaries will be detected in any case.
  21. Hello, we are reviewing your request and checking your files for FP.
  22. Hello again, It seems that my message was left somewhere SST your files might be deleted from detection database. Please check.