variant of Win32/Genetik trojan - FP?

Discussion in 'NOD32 version 2 Forum' started by Caine, Feb 28, 2009.

Thread Status:
Not open for further replies.
  1. Caine

    Caine Registered Member

    Joined:
    Nov 11, 2005
    Posts:
    63
    The following infected file was quarantined by my NOD32:
    C:\Deckard\System Scanner\20080826211058\backup\WINNT\Downloaded Program Files\xscan53.ocx - probably a variant of Win32/Genetik trojan
    I checked the forums for anything similar and I suspect this may also be a false positive. I restored from quarantine and submitted to Jotti to be sure. NOD32 also asked me to submit for analysis.

    Are the heuristics just too sensitive? Can I restore this file, and set NOD to ignore in the future?

    ~Jotti results removed per Policy.~
     
    Last edited by a moderator: Feb 28, 2009
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
  3. Caine

    Caine Registered Member

    Joined:
    Nov 11, 2005
    Posts:
    63
    Since I submitted the file to the labs as per instructions, the result has disappeared from full system scans, and must have been a false positive as I suspected.

    I would just like to thank funkydude for your help. :)
     
Thread Status:
Not open for further replies.