Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Aug 28th, 2008, 1:28pm
   Mischel Internet Security Forum
   Malware
   Trojans (Moderators: Helena, Gavin_Coe, Magnus)
   "VB.1066" I think is a False Positive		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: "VB.1066" I think is a False Positive  (Read 398 times)
PAN_IRISH
Senior Member
****





   


Gender: male
 Posts: 487
"VB.1066" I think is a False Positive
« on: Nov 2nd, 2007, 1:53am »		 Quote Quote  Modify Modify
I just ran a new scan on a re-installed boot partition that i did last night and I haven't been anywhere to get a Trojan.
the only things that have been downloaded are recognized applications that i already use.
 
I will scan with another tool and post back.
I think I'll ask for confirmation at eset online scan.
the machine is an ASUS M2N-E M/B
with Nvidia drivers.
an evga video card with Nvidia drivers  
 
I'm hoping that VB.1066 maybe something in one of the latest downloads such as the download manager for Diskeeper Pro Premier.
 
I can't think of anything else.
 
Let me know if you need any more system info.
IP Logged
Keeping SECURITY the #1 issue!
Use Trojan Hunter 5.0
Like the American Express Card;don't leave home without it!
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5594
Re: "VB.1066" I think is a False Positiv
« Reply #1 on: Nov 2nd, 2007, 2:40am »		 Quote Quote  Modify Modify
Would you please submit the "offending" file for Gavin/Magnus to examine.  The link below provides instructions for how to submit.
 
http://www.misec.net/forum/board/FAQ/1139308293
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
PAN_IRISH
Senior Member
****





   


Gender: male
 Posts: 487
Re: "VB.1066" I think is a False Positiv
« Reply #2 on: Nov 2nd, 2007, 2:44am »		 Quote Quote  Modify Modify
It didn't give me a location.
all it did was advise me that it was there and wanted me to allow the TH 5.0 to remove it.
I did not allow it to be removed.
I just got back from ESET and ESET didn't find anything.
I will scan with TH again.
IP Logged
Keeping SECURITY the #1 issue!
Use Trojan Hunter 5.0
Like the American Express Card;don't leave home without it!
PAN_IRISH
Senior Member
****





   


Gender: male
 Posts: 487
Re: "VB.1066" I think is a False Positiv
« Reply #3 on: Nov 2nd, 2007, 2:53am »		 Quote Quote  Modify Modify
I found it!
 
Found trojan file: C:\Program Files\Lavasoft\Ad-Aware 2007\Registration\registration_helper.prg (VB.1066)
IP Logged
Keeping SECURITY the #1 issue!
Use Trojan Hunter 5.0
Like the American Express Card;don't leave home without it!
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5594
Re: "VB.1066" I think is a False Positiv
« Reply #4 on: Nov 2nd, 2007, 2:56am »		 Quote Quote  Modify Modify
VB.1066 was added on 31-Oct-2007.  So it may well be an FP.  Please submit that registration_helper.prg and I'll e-mail Gavin too.  
« Last Edit: Nov 2nd, 2007, 2:56am by siliconman01 » IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
PAN_IRISH
Senior Member
****





   


Gender: male
 Posts: 487
Re: "VB.1066" I think is a False Positiv
« Reply #5 on: Nov 2nd, 2007, 3:10am »		 Quote Quote  Modify Modify
I already removed it from the Lavasoft program file.
Removed registration folder altogether;
deleted using the "Heidi eraser V.5.7" and I also took out the entire folder for Adwatch.
The program runs but it wants to replace the missing files when I checked on an UPDATE.
 
Sorry,Tom.
 
IP Logged
Keeping SECURITY the #1 issue!
Use Trojan Hunter 5.0
Like the American Express Card;don't leave home without it!
PAN_IRISH
Senior Member
****





   


Gender: male
 Posts: 487
Re: "VB.1066" I think is a False Positiv
« Reply #6 on: Nov 2nd, 2007, 3:12am »		 Quote Quote  Modify Modify
I forgot;
after removing the files,
TH did not find the offending file again.
 
IP Logged
Keeping SECURITY the #1 issue!
Use Trojan Hunter 5.0
Like the American Express Card;don't leave home without it!
PAN_IRISH
Senior Member
****





   


Gender: male
 Posts: 487
Re: "VB.1066" I think is a False Positiv
« Reply #7 on: Nov 2nd, 2007, 10:22pm »		 Quote Quote  Modify Modify
Did this get fixed in the update that just came in?
 
IP Logged
Keeping SECURITY the #1 issue!
Use Trojan Hunter 5.0
Like the American Express Card;don't leave home without it!
PAN_IRISH
Senior Member
****





   


Gender: male
 Posts: 487
Re: "VB.1066" I think is a False Positiv
« Reply #8 on: Nov 4th, 2007, 6:06pm »		 Quote Quote  Modify Modify
i re-installed Ad-aware 2007 and it is still detected but at least i know what the item is now.
 
IP Logged
Keeping SECURITY the #1 issue!
Use Trojan Hunter 5.0
Like the American Express Card;don't leave home without it!
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5594
Re: "VB.1066" I think is a False Positiv
« Reply #9 on: Nov 5th, 2007, 1:12am »		 Quote Quote  Modify Modify
Would you please submit the file that is being detected incorrectly.  I'll email Gavin again.
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
PAN_IRISH
Senior Member
****





   


Gender: male
 Posts: 487
Re: "VB.1066" I think is a False Positiv
« Reply #10 on: Nov 5th, 2007, 1:47am »		 Quote Quote  Modify Modify
i got rid of it.
i removed it again,
the last run showed two of the same items and then i removed the entire Ad-Aware 2007 and cleaned up and re-booted and all was gone.
I'm going to leave the Ad-Aware 2007 off my machine.
It is a file that goes along with the app for the registration of the paid version and it stays there even though you don't use it.
 
IP Logged
Keeping SECURITY the #1 issue!
Use Trojan Hunter 5.0
Like the American Express Card;don't leave home without it!
troycebarton
Newbie
*





   
Email

Posts: 1
Re: "VB.1066" I think is a False Positiv
« Reply #11 on: Nov 6th, 2007, 12:05am »		 Quote Quote  Modify Modify
I found this also and just submitted the file a few minutes ago to    submit*at*misec.net ( *at*  = @  Smiley )
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5594
Re: "VB.1066" I think is a False Positiv
« Reply #12 on: Nov 6th, 2007, 12:35am »		 Quote Quote  Modify Modify
Welcome to the forum troycebarton  Wink
 
Thanks very much for the submittal. I feel confident Gavin/Magnus will get the FP corrected shortly now that they have your submittal.
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5594
Re: "VB.1066" I think is a False Positiv
« Reply #13 on: Nov 6th, 2007, 7:13am »		 Quote Quote  Modify Modify
The latest ruleset should have fixed this False Positive  Cheesy
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register