Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

Another IMAGE FILE (ebay_88_31[1].jpg) False Positive ? [SOLVED by db 1415]


Recommended Posts

Hi Guys,

 

Have just run an IS 360 smart scan. This time - it's come up with the "eBay.com.au" logo JPG as Worm.Packed.Generic in the Temporary Internet Files folder. When running a scan on that file (from the context menu) - it finds nothing. No other security software detects anything, anywhere.

 

I've uploaded the "infected" file to - http://wikisend.com/download/212064/ebay_88_31[1].zip

 

Here is a copy of the detection report :

 

IObit Security 360

 

OS:Windows XP

Version:1.4.1.11

Define Version:1407

Time Elapsed:00:00:44

Objects Scanned:53441

Threats Found:5

 

|Name|Type|Description|ID|

Tracking Cookies, Cookies, Cookie:footy@quantserve.com/, 7-2075

Tracking Cookies, Cookies, Cookie:footy@content.yieldmanager.com/ak/, 7-1540

Tracking Cookies, Cookies, Cookie:footy@ad.yieldmanager.com/, 7-1540

Tracking Cookies, Cookies, Cookie:footy@content.yieldmanager.com/, 7-1540

Worm.Packed.Generic, File, C:\Documents and Settings\Footy\Local Settings\Temporary Internet Files\Content.IE5\GZ9G81NH\ebay_88_31[1].jpg, 9-87623

 

I will ignore this detection, until it has been reported as having been repaired.

 

ADVICE : To those people who've upgraded to a purchased version - my advice is :

Please make sure that you have ruled out any detection by IS 360 as being a F/P before you go out & spend unnecassarily. That is - if your other security software detects nothing, and only IS 360 detects something - do some research, upload your "infected" file to VirusTotal (or similar). If it is only IS 360 finding an infection : then it's most likely a false-positive. In this case - IObit needs to know, so they can rectify the problem. Don't become angry. Become inquisitive & positively helpful. You might help someone else to "not become scared", and/or to "not spend needlessly".

 

Off my soapbox now :lol:. Thanks for any help with this present F/P IObit.

Cheers for now - Robert

Link to comment
Share on other sites

  • 2 weeks later...

Another FP Detected in Def. DB 1413

 

Hi All,

 

I have another seemingly FP detected, when scanning with Def. DB 1413. That's in addition to the image file FP. No other security software finds anything. Here is the updated Detection Log :

 

IObit Security 360

 

OS:Windows XP

Version:1.4.1.11

Define Version:1413

Time Elapsed:00:05:15

Objects Scanned:52142

Threats Found:3

 

|Name|Type|Description|ID|

 

Trojan.Bagle, File, C:\WINDOWS\system32\WgaLogon.dll, 12-1299

Worm.Packed.Generic, File, C:\Documents and Settings\Footy\Desktop\ebay_88_31[1].jpg, 9-87623

 

Thanks for any help.

Cheers - Footloose

Link to comment
Share on other sites

Hi Guys,

 

Have just run an IS 360 smart scan. This time - it's come up with the "eBay.com.au" logo JPG as Worm.Packed.Generic in the Temporary Internet Files folder. When running a scan on that file (from the context menu) - it finds nothing. No other security software detects anything, anywhere.

 

I've uploaded the "infected" file to - http://wikisend.com/download/212064/ebay_88_31[1].zip

 

Here is a copy of the detection report :

 

IObit Security 360

 

OS:Windows XP

Version:1.4.1.11

Define Version:1407

Time Elapsed:00:00:44

Objects Scanned:53441

Threats Found:5

 

|Name|Type|Description|ID|

Tracking Cookies, Cookies, Cookie:footy@quantserve.com/, 7-2075

Tracking Cookies, Cookies, Cookie:footy@content.yieldmanager.com/ak/, 7-1540

Tracking Cookies, Cookies, Cookie:footy@ad.yieldmanager.com/, 7-1540

Tracking Cookies, Cookies, Cookie:footy@content.yieldmanager.com/, 7-1540

Worm.Packed.Generic, File, C:\Documents and Settings\Footy\Local Settings\Temporary Internet Files\Content.IE5\GZ9G81NH\ebay_88_31[1].jpg, 9-87623

 

I will ignore this detection, until it has been reported as having been repaired.

 

ADVICE : To those people who've upgraded to a purchased version - my advice is :

Please make sure that you have ruled out any detection by IS 360 as being a F/P before you go out & spend unnecassarily. That is - if your other security software detects nothing, and only IS 360 detects something - do some research, upload your "infected" file to VirusTotal (or similar). If it is only IS 360 finding an infection : then it's most likely a false-positive. In this case - IObit needs to know, so they can rectify the problem. Don't become angry. Become inquisitive & positively helpful. You might help someone else to "not become scared", and/or to "not spend needlessly".

 

Off my soapbox now :lol:. Thanks for any help with this present F/P IObit.

Cheers for now - Robert

Hi Footloose

You upload the file to www.wikisend.com that is't " ebay_88_31[1].jpg ".

PLS upload again.

Link to comment
Share on other sites

Wikisend Upload

 

Hi Hxin,

 

Thanks for getting back to me. I've uploaded the original zipped file, available at ebay_88_31[1].zip and the new detection, WgaLogon.dll, available at WgaLogon.zip Both are password protected with the usual password, all in upper case. Hope they worked this time.

 

To Melvin Deal - Thanks for your compliment my friend. We're all here to help. That's all I want to do.

 

Cheers for now - Footloose

Link to comment
Share on other sites

Haste - No Problems now (with WgaLogon.dll)

 

Hi All,

 

The ebay.com.au logo JPG is still being detected as Worm.Packed.Generic

 

What's happening ??

 

Cheers - Footloose

 

Hi All,

 

I don't know what happened last night. After IS 360 having found the 2 versions of WgaLogon.dll still - I started a full system scan; running while I slept. This morning - it found only the ebay.com.au logo JPG. A subsequent quick scan found only this JPG file again.

 

Cheers to all - Footloose

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...