2harts4ever

Trojan.Win32.Bredolab!IK

Good evening,

For the record I am using a Compaq Presario AMD Athlon 64 Processor 3300+, 2411MHz/1.93 GBs RAM, running Windows XP Home, SP3, with IE8.

I have been reading up on a defrag program called "UltraDefrag 3.3.0" and decided to give it a shot. After getting a clean bill on the downloaded file from my Anti-Virus program I ran a scan with 'A-Squared Free'. A-Squared immediately said it had 'Trojan.Win32.Bredolab!IK' in it.

I then tested this same file on Jotti and A-Squared was the only security program to say it had this Trojan, all the others said it was clean.

I submitted the file in question to A-Squared this morning but I have heard nothing back as of now.

Does anyone else know if this is just a False Positive being reported by A-Squared Free?

Thanks and regards,

2harts4ever

Hi 2harts4ever,

UltraDefrag, downloaded from here, is a known SourceForge project.

I never used this one in particular. I'm using different alternatives to the native MS defragmentation, but I heard good reviews re: UltraDefrag.

It should be fine and fixed (if downloaded from the right location ;) )

As for

...I submitted the file in question to A-Squared this morning but I have heard nothing back as of now...

If you submitted from the detection list - you will never hear from EMSI :P since the fix should come with the updates and all you need is just rescanning.

Just be patient and wait a bit.

If you accidentally quarantined it, then the auto-rescan feature will restore those quarantined items when and if the FP is confirmed.

If that stays for more than 24 hours, then you can use the old-fashioned e-mail method ... in this case you will get the response, but let's hope you'll not need that.

My regards

P.S. {added}

I just downloaded and scanned the Setup without performing the installation - submitted as well from here :)

Morning Lynx,

Thanks for your response and information. I had downloaded it from the same link you suggested.

I will do as you say and give EMSI a little time to see if they correct the False Positive before installing it.

Have a great weekend! :)

Thanks and regards,

2harts4ever :wub::wub:

Hi 2harts4ever, I'm glad to hear that and indeed – fixed.

Just a comment to make that may help in the future.

When yesterday late at night the file was still flagged, I decided to send it by e-mail and the reply was received early in the morning (see attached).

The point here is not the “historical” action itself, but the way to extract the specific file, because the size of the Installer itself could be substantial. Not in this case though - ultradefrag-3.3.0.bin.i386.exe is just 708KB. Only udefrag.exe (28KB) was flagged.

Sometimes, as in this case, it's possible to open such installers, say by using the 7z archiver, and extract the needed file only. It resides in the \$SYSDIR\ subdirectory.

… archived with password and sent... That's all folks! Cheers!

Hi BenjaminBarbee, welcome to the forum.

This is a several-months-old thread.

That was a False Positive detection and it was fixed, as you can see.

Please download the said software; scan it with the latest (updated) signatures.

If the file(s) are flagged again, please submit the file to the developers from the detection list.

Most likely that should not happen.

Ask if you have questions about the procedure or please read the forum / Help file / etc.

My regards
