DrWeb AV - FP, re HijackThis?

In below screenshot, look at download dates of HT copies, and
the size file difference. I'm curious about that, as DrWeb AV (just a while ago) pegged HijackThis1981.exe as "Probably WIN SCRIPT.Virus."

As I recall, this isn't 1st time DrWeb AV marked HT as such, (and I've found in the past DrWeb pegged the most FPs, for a time anyway). But this is only file it marked in a recent scan of C drive. I do have latest ver. of DrWeb and the latest defs. loaded, so I wondered - is it "just a probable" FP? Ideas?

Thanks, SG1 (Pat)

 

Submit the sample to DrWeb in here,

http://support.drweb.com/sendnew/

after a couple of hours I think the FP is corrected.

Best regards,
Firefighter!

 

Firefighter;

Tried several right click choices, re winzip for suspect file: error msg I got was...

Action: Add (and replace) files Include subfolders: no Save
full path: no
Include system and hidden files: yes
Adding HijackThis1981.exe
Warning: could not open for reading:
C:/Holding/HijackThis1981.exe
copying Zip file

So, seems I can't zip and send file to DrWeb folks, as far as I can tell. Odd, that...

SG1 (Pat)

 

Pause the SpIDerGuard first, then add that sample to a password protected archive. If you have troubles in it, you can always use this free archiver, it's very comfortable.

http://www.izarc.org/download.html

Best regards,
Firefighter!

 

Firefighter;

Thanks for info about pausing SpiderGuardNT, before attempting to zip a file and I've also never had to or tried to password protect any given zip file.

FURTHER RECAP-UPDATE:

DrWeb AV scanned a possible FP last night (stating a file was "probably WIN SCRIPT.virus" and this wasn't 1st time DrWeb had FP over that file or versions of it. So, I went to zip the file, to send to DrWeb and got msg.

Action: Add (and replace) files Include subfolders: no Save full path: no
Include system and hidden files: yes
Adding HijackThis1981.exe

Warning: could not open for reading: C:/Holding/HijackThis1981.exe
copying Zip file

++++++++

TrojanHunter, after recent update, said:

File scan

C:\Holding\HijackThis1981.exe Not scanned (in use by another application)

MY NOTE: a file in storage - in use - by what?

C:\pagefile.sys Not scanned (in use by another application)
No trojan files found
11030 files scanned in 1323 seconds

++++++++

Then today, ran CWshredder for the heck of it, and am told that I had the cws variant CWS.Msconfig - that's why msconfig kept coming up at bootup all the time? Thought it did that, as I've messed with it so much, and that it came up upon bootup in case you wanted to change something yet again.

What is this business, of a sudden? No security app sees zip, and then I have a Shredder variant - or at least per CWshredder? Unless even that app had an FP? After letting CWshredder fix it, however, msconfig now no longer starts at every bootup; I can, however, start it in the usual fashion from Start/Run box.

++++++++

P.S. I'd over time seen, I think on this newer drive and maybe last one, the HijackThis icon on varied files - and I thought perhaps I'd screwed up a file assoc. or icon/s in general when messing about with that stuff at one time or another. Now, it makes me wonder... But again, all security apps in general, tell me that I have a clean machine; Ewido's the only app that has "burped" about alleged spware cookies, in D drive's storage, then locked them up.

SG1 (Pat) * Will try archiver app that you mention; thanks.

SpiderGuard wasn't on at time of scan, rather, just ran the DrWeb scanner proper, while offline. (Unless Guard comes on in auto pilot mode, when one runs the scanner module)?