Discussion in 'Trojan Defence Suite' started by hardhead, Feb 11, 2005.
TDS found this on my backup drive. Should I submit the file?
There was a definition set a while back that gave a false positive on that one and that is seemingly the case again here but just to be certain I would submit it.
I also found this qoute from Gavin
Just wondering if todays update picked this up. I believe I did a full scan yesterday, best I can remember and TDS didn't find anything.
Maybe Gavin can comment on this Monday.
I did submit the file and got a reply referring to the quote that I found and I'm still getting Positive Identification on (msnboot.exe).
Gavin says the same in my email....
Why all of a sudden am I getting this Positive Identification on (msnboot.exe) now. I do full scans regularly and have never got this before. I have todays reference file installed.
46861 references - 22725 primaries/11983 traces/12153 variants/other
Anyone got any ideas....
Fridays update did have a mistaken identify for that file and a couple of others
Mondays update cured it
did you do as Gavin said and installed new database then CLOSED tds then restart it and run a scan
I sure did. I followed the directions here ,same as the quote.
I was also told that this was not a false positive, rather a generic detection and not a trojan. It shouldn't be getting detected as it was fixed on this date: May 12th, 2002, 09:41 AM.
I also notice that the same file is in a restore volume that I made. It's picking up the same file. Wonder if I disable system restore and scan again. You suppose that might do the trick.
TDS does pick up the file in program files first and then the restore volume.
I just don't understand why it all of a sudden started this. It all happened when others started having problems too.
Is it fixed now for all of these Microsoft files ?
The reason it started happening - we added some more detection and it broke the webdownloader detection a little bit. Should be fixed though
I'm still getting the same Possible Webdownloader for MSNBOOT.EXE. Same as the pic.
Should I uninstall TDS and reinstall?
Dont have a copy of it handy so can you just send it to submit(at)diamondcs.com.au ? We'll check it again just to make sure
I sure will.
I sent my file by TDS. Sorry I sent an exe. the first time and then realized duh I need to send it in a zip which I did last night. I got todays updated database and closed TDS, restarted and still came up with the same Webdownloader for MSNBOOT.EXE.
It's really no big deal as long as the file is good which you did say in my email before. If messed up and need to send the file by email and not TDS let me know.
It's something that I can live with.
It's fixed now. Not real sure which database update did the job because I haven't did a full scan in the past few days. Must have been yesterdays or todays update.........
Separate names with a comma.