Win32.RuleBlock.1

What does this detection mean? I've never seen it before, WSA detected Seamonkey 2.20 beta 3 setup as this today, though I already installed it earlier and it didn't warn back then.

 

Can you look for the line with the MD5 from the Scan Log and post it?

TIA,

Daniel

 

If you have your heuristics very high or at maximum, you could experience this on new, untrusted applications. If you trust the program, you can safely Allow it to execute.

Hope that helps!

 

Thanks It was on a VM and I do have heuristics to max there, and warn on execute if untrusted. I did get a warning when I executed it that it was untrusted, but I allowed it, so should it still detect it later?

Here's the scanlog line:
c:\users\xxxx\downloads\seamonkey setup 2.20b3.exe [MD5: 1C863F22AC3AD21CBC85892D295004D0] [Flags: 00080081.10767]
Btw, what does the stand for?

 

I'm trying to find out but Joe will probably post back before I get an answer.

Daniel

 

It should allow it once overridden to Allow. I= "Inhibit Execution", basically, block that instance of the file, but it isn't specifically bad from our database.

 

I think I clicked Allow Once, instead of Allow so that would explain it. Thanks