|
|
#1
November 1st, 2010, 05:53 AM
|
|||
|
|||
ElibaglA.exe false positive?
Hi @ all.
Happen when I try to download this specific tool for the Bagle virus. This is the link: http://www.zonavirus.com/descargas/d...r-elibagla.asp False positive or not? I forgot...Eset Antivirus 4.2.64 with the latest virus signature. |
|
#2
November 1st, 2010, 07:04 AM
|
|||
|
|||
|
Re: ElibaglA.exe false positive?
MD5:80f8265e39504db45747823261b7a3ab is detected on virus total by 3/43
hard to say.. threat expert raport from analysis of this file is inconclusive (honestly it's useless)
__________________
01001001011011100010000001110100011010000110010100100000011000100110010101100111011010010110111001101110011.... - Genesis 1:1 |
|
#3
November 1st, 2010, 07:42 AM
|
|||
|
|||
|
Re: ElibaglA.exe false positive?
The detection is most likely due to being packed with modified UPX. I could find no evidence of the program doing anything other than scanning registry and files. No network activity detected.
On the other hand, there are far more powerful anti-malware applications to deal with these types of threat. eg MBAM, SAS, Emsisoft etc |
|
#4
November 1st, 2010, 09:32 AM
|
|||
|
|||
|
Re: ElibaglA.exe false positive?
Thanks for the replies.
Yes, I know many other software like Malwarebytes, etc..., but in the past I've used that tool on a pc with success (I remember that I wasn't able to install any other software because it was blocked by the virus). |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
