Sign in to follow this  
Steve1209

Windows/System32/modifype.exe module

Recommended Posts

Hey Everyone,

A2free latest beta all updates current till Feb 24th 17:38 EST (just updated). Windows XP SP3+ all updates current. For about 5 days now Modifype in windows/system32 has been flagged and of course I'm always careful not to quarantine or delete windows files until I'm sure, the scan report follows, I have two questions:

a-squared Free - Version 4.5

Last update: 2/24/2010 5:38:54 PM

Scan settings:

Scan type: N/A

Objects: C:\WINDOWS\system32\modifype.exe

Scan archives: On

Heuristics: Off

ADS Scan: On

Scan start: 2/24/2010 5:39:57 PM

C:\WINDOWS\system32\modifype.exe detected: Trojan.Win32.Crypt!A2

1. For about 5 days now I've uploaded the file as to what I believe is a FP from the final scan screen by right clicking on it and uploading but everyday it's still flagged. I uploaded to Virus Total today only a2 flagged it as a Trojan everyone else said it was clean. Can the developers PLEASE look into this?!

2. There is a suggested alternative to WINZIP the file and add a password and send it to [email protected] Unfortunately I use GMAIL and no matter how you ZIP or RAR the said modifype.exe, password protect/encrypt it etc., somehow GMAIL can still detect it's an Executable file and won't send it. I have found one work around, if you rename the module modifype.DOC and attach it, gmail WILL send it, would the developers accept that if the instructions said you need to rename it from .DOC to .EXE?

Thanks much for any information on both questions,

Steve

Share this post


Link to post
Share on other sites
...2. There is a suggested alternative to WINZIP the file and add a password and send it to [email protected] Unfortunately I use GMAIL and no matter how you ZIP or RAR ... GMAIL can still detect it's an Executable file and won't send it...

Hi Steve,

as it was pointed in this offtopic thread see note about RAR (Oct. 02)

passwored RAR works, and before replying I tested just in case again (since some changes in Gmail)

I resent (to my non-gmail account) the same RARed file with the <>.exe inside that was flagged few days ago and submitted to EMSI.

All went fine.

I am not sure why you are having problems with passworded RAR?

But in the same thread there is a trick with renaming as well

I think if you will explain the reason in the e-mail sent to developers that file was renamed from <>.exe to say <>.txt or whatever - that will be accepted

My regards

Share this post


Link to post
Share on other sites

Hey Lynx,

Thanks, I'll try to RAR the file again and password it, I thought I passworded it last nite & gmail rejected it. I just did another update, rather large Feb 25th 12:36PM & the problem still shows, let me try again, thanks as always for the info

Steve

Share this post


Link to post
Share on other sites

Fabian/Lynx,

Thanks, first I WAS able to RAR the file with a password & send it, I don't know where my small mind was last night. So thanks Lynx, it worked as you said it would! Thanks Fabian for the info, Christian Peters also responded to my sent file, so the problem is resolved, I ran an update, file is no longer flagged!

Steve

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.