variant of Win32/Genetik trojan - FP?

Discussion in 'NOD32 version 2 Forum' started by Caine, Feb 28, 2009.

Thread Status:
Not open for further replies.
  1. Caine

    Caine Registered Member

    Joined:
    Nov 11, 2005
    Posts:
    63
    The following infected file was quarantined by my NOD32:
    C:\Deckard\System Scanner\20080826211058\backup\WINNT\Downloaded Program Files\xscan53.ocx - probably a variant of Win32/Genetik trojan
    I checked the forums for anything similar and I suspect this may also be a false positive. I restored from quarantine and submitted to Jotti to be sure. NOD32 also asked me to submit for analysis.

    Are the heuristics just too sensitive? Can I restore this file, and set NOD to ignore in the future?

    ~Jotti results removed per Policy.~
     
    Last edited by a moderator: Feb 28, 2009
    Caine, Feb 28, 2009
    #1
  2. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    elapsed, Feb 28, 2009
    #2
  3. Caine

    Caine Registered Member

    Joined:
    Nov 11, 2005
    Posts:
    63
    Since I submitted the file to the labs as per instructions, the result has disappeared from full system scans, and must have been a false positive as I suspected.

    I would just like to thank elapsed for your help. :)
     
    Caine, Mar 7, 2009
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...