Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware found and sometimes cleared by f secure


  • Please log in to reply
5 replies to this topic

#1 justagirl

justagirl

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 24 January 2010 - 06:40 PM

This malware is coming up as found by my antivirus software from charter communications (f-secure) and day by day it is found...then f-secure indicates it could not clean it, then the next day it finds it and cleans it sometimes several times a day. It indicates it is related to the c:windows file IsUninst.exe Is this a false positive or do I have an issue? I have the most updated version of malwarebytes and it does not see anything on a short or full scan. I have windows XP

Thank you in advance for your help!

Kristin

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:13 AM

Posted 24 January 2010 - 08:07 PM

Hello and welcome. This is possibly a False positive. We should double check it before we take action.

Lets' upload this file for a second opinion on what it actually is..

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:
How to see hidden files in Windows

Please click this link-->Jotti

When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.
<filepath>suspect.file

Please post back the results of the scan in your next post.

If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/


NOTE:
For submission to a specific anti-virus vendor see Submitting Virus Samples: How to Submit a Virus.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 justagirl

justagirl
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 25 January 2010 - 04:38 AM

Hi Boopme,

Thank you for responding. Jotti indicated the file was empty and so did virus total. When I view it in my computer it indicates it is 304kb. Does this confirm it is a false positive?

Thank you,
Kristin

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:13 AM

Posted 25 January 2010 - 12:09 PM

That would indicate a YES to me. You can send it to F Secure in the last link provided. They should then addit to the next update so it will no longer show.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 justagirl

justagirl
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:13 AM

Posted 25 January 2010 - 01:16 PM

Thank you very much for your help! I will complete the final step, but we will consider this issue closed.

Kristin

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:13 AM

Posted 25 January 2010 - 01:17 PM

You're welcome from all of us here at BC. We are glad to have helped.
Please take a few minutes to read our quietman7's excellent Tips to protect yourself against malware and reduce the potential for re-infection:,in post 17. :thumbsup:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users