Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A2 Anti-malware - Heuristic.archivebomb False Positives


  • Please log in to reply
3 replies to this topic

#1 calebandsarah

calebandsarah

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:50 AM

Posted 26 December 2006 - 03:42 PM

Hey,

I ran a2 four days ago with non remarkable results, I just updated it and re-scanned and its coming back with over 6100 heuristic.archivebombs.

Most were within Java and a small handful came under Mozilla, RealPlayer, and SpyBot - Search and Destroy.

Can someone fill me in in whats going on with my system?

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,906 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:50 AM

Posted 26 December 2006 - 10:24 PM

From Christian Mairoll, Admin at a-squared support forum:

Heuristic.ArchiveBomb is a packed file that tries to crash malware scanners. It is usually not dangerous for your PC, but is dangerous for software like a-squared or any other antivirus scanners. If a scanner can not handle such archivebombs correctly, it may crash and leave the PC unprotected.

http://forum.emsisoft.com/framehelper.aspx...osts&t=1101
scroll down to the next to the last post

Also from the a-squared support forum:

...Heuristic is a technique to detect Malware that ignores whether the detection can be proven to be correct, but which usually ensures a good detection rate. A heuristic detection module searches for Malware specific patterns such as Win-API calls.

A file detected as Heuristic.* looks like Malware, but you should always check them if it may be a false alert. If you are not sure, please always use the quarantine and do not delete such files immediately.

You can also submit such files for further analysis to the analysis team. Please see the contact page for more about this.

http://forum.emsisoft.com/Default.aspx?g=posts&t=1687
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 calebandsarah

calebandsarah
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:50 AM

Posted 27 December 2006 - 12:52 PM

Great thanks for that.

I'll send some more detailed info onto a2's ppl to let them know the types of results that I've been getting.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,906 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:50 AM

Posted 27 December 2006 - 12:58 PM

Your welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users