Sdfix Download From Here Flagged As Malicious


3 replies to this topic

#1 tos226


Posted 03 July 2008 - 11:37 PM

NOD32 v2.7 flags SDFIX provided by bleepingcomputer as a malicious thing and quarantines it. Should it?
http://www.bleepingcomputer.com/forums/lof...hp/t131299.html


#2 nigglesnush85


Posted 04 July 2008 - 06:10 AM

Hello tos226

http://www.virustotal.com/analisis/c5ac799...0db2157a05b25cd

NOD32 found Win32/PrcView. However, SDFix is not malware; certain files that are used by the tool can sometimes be detected by AV scanners as possible malware. The main reason this happens is down to a number of reasons such as what file(s) it uses, what is altered/accessed, does it do anything to the registry and so on. Win32/PrcView is a program that scans system processes and is capable of terminating these processes; while this can be seen as malicious, SDFix needs this to perform its task. AV products in general are unable to properly identify these tools correctly and flag them as malware just to be safe.

This means you have a very good AV scanner. However, if you wish to run the tool, you will either have to disable NOD32 for the duration of the fix and restart it as soon as it is finished, or you can instruct NOD32 how to ignore this tool and ignore its actions while it performs its task.
Regards,

Alan.

#3 tos226


Posted 04 July 2008 - 11:37 AM

Thanks. As I was reading SDfix instructions here, I wondered to myself whether NOD would pick it up on attempted download, considering what it does to the system. Well, NOD did. Not even a chance to save it, let alone run. If I ever need SDfix, I'll turn NOD off for a little bit. I just wanted to double check that the copy here is clean other than the designed damage :thumbsup: we can do.

#4 nigglesnush85


Posted 04 July 2008 - 01:22 PM

No problem, glad to help. You will probably find that the options are set for NOD to just move everything to quarantine without user intervention. You can change this setting in NOD's options.
Regards,

Alan.
