PDA

View Full Version : Ad-Aware SE SE1R126 12.10.2006 Flase Positives

Bubba
October 12th, 2006, 11:40 AM
Just a heads up for those using AdAware that might experience FP's from today's update (http://www.wilderssecurity.com/showthread.php?t=150235). Lavasoft Research has been informed.

{QUOTE-> Win32.Trojan.Agent Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{48e59293-9880-11cf-9754-00aa00c00908}

Win32.Trojan.Agent Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{48e59291-9880-11cf-9754-00aa00c00908}

Win32.Trojan.Agent Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{48e59290-9880-11cf-9754-00aa00c00908}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{fe38753a-44a3-11d1-b5b7-0000c09000c4} <-QUOTE}

{QUOTE-> Thanks for reporting these. Have forwarded this report to the Research Team.

Please do NOT "fix" these at present. <-QUOTE}
FanJ
October 12th, 2006, 11:55 AM
Hi Bubba,

A new definitions update has just been released to fix them:
===
Definitions File Loaded:
Reference Number : SE1R126 12.10.2006
Internal build : 156
File location : C:\Program Files\Lavasoft\Ad-Aware SE Professional\defs.ref
File size : 782898 Bytes
Total size : 2527469 Bytes
Signature data size : 2478468 Bytes
Reference data size : 48489 Bytes
Signatures total : 68024
CSI Fingerprints total : 3957
CSI data size : 164285 Bytes
Target categories : 15
Target families : 988

MD5 checksum of defs.ref:
MD5 - D6E2FDBB28185853F03FE1C5FC63C123
===
Bubba
October 12th, 2006, 12:48 PM
{QUOTE-> Hi Bubba,

A new definitions update has just been released to fix them: <-QUOTE}Hello Jan,

Yes it has and I concur :o :thumb:
FanJ
October 12th, 2006, 12:50 PM
PS:

I just did a full system scan, using those new definitions (second update today for Ad-Aware), and all is well ;)
FanJ
October 12th, 2006, 12:51 PM
{QUOTE-> Hello Jan,

Yes it has and I concur :o :thumb: <-QUOTE}

Thanks Bubba for confirming !

LOL, our postings just crossed ;)

Warm regards, Jan.