Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is This A False Positive?


  • This topic is locked This topic is locked
4 replies to this topic

#1 Vince86

Vince86

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 24 July 2008 - 12:26 AM

Hi, i just recently scanned my computer with AVG Free 8.0 and it found a trojan horse generic10.BHES. But it was listed as a C:\documents and settings\vincent lee\application data\adobe\acrobat\7.0\updater\adberdr709_en_US.exe. I think it may be a false positive? can a normal file be infected? it was cleaned and quarantined but should i post a hijack log as well? I am using windows xp. thanks

if i were to upload it to a website that checks files, do i restore the file from my virus vault? would it be safe? how do i go about restoring it and sending it? thanks!

Edited by Vince86, 24 July 2008 - 12:35 AM.


BC AdBot (Login to Remove)

 


m

#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,571 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 PM

Posted 24 July 2008 - 12:42 AM

It probably is a false positive. If you still have access to the file you can upload it at Jotti for analysis.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 Vince86

Vince86
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 24 July 2008 - 12:59 AM

i cant restore it, when i upload it, it says it 0 bytes.. but this could be that i just updated my acrobat reader to a newer version right after the infection.

#4 Vince86

Vince86
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 24 July 2008 - 02:11 AM

now it detected another trojan same one but in a system volume restore file a0007391.exe, from the looks of it on a search, many people get infected here. I am goign to post a log.

#5 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:01:07 AM

Posted 24 July 2008 - 02:32 AM

Now that you have a HJT log posted in the HijackThis Logs and Malware Removal forum, I'm going to close this Topic.

You shouldn't make any changes to your system, while your HJT log is posted, as that could change the results of the posted log, making it difficult to properly clean your system.
At this point, the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

If you have any questions, don't hesitate to send me a PM.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users