Re: Trojan horse Downloader.Generic.ML

From: Ron Reaugh (ron-reaugh_at_worldnet.att.net)
Date: 06/20/05


Date: Mon, 20 Jun 2005 18:43:38 GMT


"Gabriele Neukam" <Gabriele.Spamfighter.Neukam@t-online.de> wrote in message
news:d96ulq$5or$05$1@news.t-online.com...
> On that special day, Ron Reaugh, (ron-reaugh@worldnet.att.net) said...
>
> > That it isn't by your findings a "32 bit executable" and therefore a false
> > alarm does NOT follow logically. The detection did coincide with some
> > nefarious virus like activity and was therefore NOT a false alarm.
>
> Why do you insist that this file is *actively* malign? It might be the
> remnants of what happened in another place, and was left instead of
> being cleared after action (installation? be it for good or evil
> purposes). I had leftovers of stuff, mostly in C:\windows\temp all the
> time, but a bad coder might use C:\null instead and then fail to remove
> it properly.

ALL very true. The fly in that ointment is that AVG chose that moment
unrelated to anything seemingly going on suddenly to find that file. A file
that seems not to contain some arbitrary fragments but something "not
benign".

Maybe it just found the smoke from the smoking gun but apparently it did
find a shooting.


