bodgy
October 25th, 2009, 01:36 AM
ESS is reporting a threat from the Kov website for their DeX application which doesn't exist.
This has been occuring since Friday 23/10/2009 and occurs when the download begins.
There is no actual threat in the download.
The log contents.
<?xml version="1.0" encoding="utf-8" ?>
- <ESET>
- <LOG>
- <RECORD>
- <COLUMN NAME="Time">
<DATE>25/10/2009</DATE>
<TIME>9:26:55 AM</TIME>
</COLUMN>
<COLUMN NAME="Scanner">HTTP filter</COLUMN>
<COLUMN NAME="Object">file</COLUMN>
<COLUMN NAME="Name">http://kov.com/download/dex/Application Files/AutoTRAX_1_0_0_495/ELECTRA.exe.deploy</COLUMN>
<COLUMN NAME="Threat">probably a variant of Win32/Statik potentially unwanted application</COLUMN>
<COLUMN NAME="Action" />
<COLUMN NAME="User">bodgy-PC\bodgy</COLUMN>
<COLUMN NAME="Information">Threat was detected upon access to web by the application: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dfsvc.exe.</COLUMN>
</RECORD>
</LOG>
</ESET>
Colin
This has been occuring since Friday 23/10/2009 and occurs when the download begins.
There is no actual threat in the download.
The log contents.
<?xml version="1.0" encoding="utf-8" ?>
- <ESET>
- <LOG>
- <RECORD>
- <COLUMN NAME="Time">
<DATE>25/10/2009</DATE>
<TIME>9:26:55 AM</TIME>
</COLUMN>
<COLUMN NAME="Scanner">HTTP filter</COLUMN>
<COLUMN NAME="Object">file</COLUMN>
<COLUMN NAME="Name">http://kov.com/download/dex/Application Files/AutoTRAX_1_0_0_495/ELECTRA.exe.deploy</COLUMN>
<COLUMN NAME="Threat">probably a variant of Win32/Statik potentially unwanted application</COLUMN>
<COLUMN NAME="Action" />
<COLUMN NAME="User">bodgy-PC\bodgy</COLUMN>
<COLUMN NAME="Information">Threat was detected upon access to web by the application: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dfsvc.exe.</COLUMN>
</RECORD>
</LOG>
</ESET>
Colin