Possible False Detection, Or Real Malware
Hi,
I have this program showing up as possible malware , but desinfection is impossible.
[system]=]HKEY_USERS\S-1-5-21-73586283-706699826-1801674531-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TYPEDURLS\url1=]C:\PROGRAM FILES\WINDOWS TRUST\RESSOURCES\MS.TFRAMEWORK.EXE
It is named MS.TFRAMEWORK.EXE in the Windows Trust\Ressources file of Program Files.
Here is the complete adress it sends back to.
Tried uploading it but your system shows "Upload failed. You are not permitted to upload this type of file". Cannot copy or paste it. If I try to slide it in this windows, it proposes either to execute or save it.
Thank you for the help.
detail of "valeur de hachage" don't know what it is, but shows up in file properties
CRC32 397D1372
MD5 C03F45CD829D553070412C864268DC73
SHA-1 B98896FB3BD5F41A25A6F4A35E8B446F9C664AB3
Comments
-
Hi,
I have this program showing up as possible malware , but desinfection is impossible.
[system]=]HKEY_USERS\S-1-5-21-73586283-706699826-1801674531-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TYPEDURLS\url1=]C:\PROGRAM FILES\WINDOWS TRUST\RESSOURCES\MS.TFRAMEWORK.EXE
It is named MS.TFRAMEWORK.EXE in the Windows Trust\Ressources file of Program Files.
Here is the complete adress it sends back to.
Tried uploading it but your system shows "Upload failed. You are not permitted to upload this type of file". Cannot copy or paste it. If I try to slide it in this windows, it proposes either to execute or save it.
Thank you for the help.
detail of "valeur de hachage" don't know what it is, but shows up in file properties
CRC32 397D1372
MD5 C03F45CD829D553070412C864268DC73
SHA-1 B98896FB3BD5F41A25A6F4A35E8B446F9C664AB3
Sorry, ignore the sentence in bold fonts. Just stupid of me... ;-)
The rest of the post is correct.
Thank you for taking time with it.0 -
Please find the file, put it in a password-protected archive (with the password infected) and attach the archive to the topic.
Cris.0 -
Please find the file, put it in a password-protected archive (with the password infected) and attach the archive to the topic.
Cris.
Hi Cris,
What do you mean by put it in an archive and password protect it?
I attached with the first post, and from what I understand I shouldn't have, but I do not know how to do what you ask.
Can you give me a little more info.
Thank you for helping me out.
Chris0 -
Here you go: http://forum.bitdefender.com/index.php?s=&...post&p=1222
Cris.0 -
Here you go: http://forum.bitdefender.com/index.php?s=&...post&p=1222
Cris.
OK, Thanks Cris for the help.
Here it is.0 -
Here you go: http://forum.bitdefender.com/index.php?s=&...post&p=1222
Cris.
Hello Cris,
Have you had any luck in analysing this file?
Thank you for keeping me posted,
Chris0 -
Hello Cris,
Have you had any luck in analysing this file?
Thank you for keeping me posted,
Chris
Hello Cris,
Still no luck with this file?
Keeps poping up as threat but I can only erase it by hand, and if it is a valid file, I'll be in deep doodoo!!
Thanks for getting back to me.
Chris0 -
Hello Chris,
Sorry for not responding, but analysing files is not my job, as I'm not a Virus Analyst for BitDefender.
I will, however, try to contact someone to take a look at this sample.
Cris.0 -
Hello Chris,
Sorry for not responding, but analysing files is not my job, as I'm not a Virus Analyst for BitDefender.
I will, however, try to contact someone to take a look at this sample.
Cris.
Thank you Cris, I thought this was the place to put the files with which we had a problem.
Thank you for letting me know,
Thankfully, Chris0 -
Thank you Cris, I thought this was the place to put the files with which we had a problem.
Thank you for letting me know,
Thankfully, Chris
Good morning!
Is there anybody from the tech side on this forum?
Can anybody give me an answer as to the exact nature of the file I have deposited in this section?
It has been over 10 days now that I've been solliciting help from you guys!
Thank you for looking it up and answering me.0 -
Hello,
The file has been analyzed, and it was declared to be clean. Detection should be removed in a few hours.
We apologize for the delay, and thank you for reporting it.
Cris.0 -
Hello,
The file has been analyzed, and it was declared to be clean. Detection should be removed in a few hours.
We apologize for the delay, and thank you for reporting it.
Cris.
Thank you cris, luckily you were around.
Thanks fot the help, keep up the good work,
Chris0 -
You're welcome.
Detection has already been removed after the last update I made to my BitDefender.
Topic closed. If you want it to be reopened, please send a PM to one of the Moderating Team members.
Cris.
EDIT: Moved to "False positive reporting"0