Author Topic: False detection with latest Adaware update?  (Read 9248 times)

0 Members and 1 Guest are viewing this topic.

Offline Mannen

  • LandzDown Team
  • Full Member
  • *****
  • Posts: 98
    • View Profile
False detection with latest Adaware update?
« on: August 11, 2005, 08:33:51 PM »
Hi all!


I helped a user and it seems that Adaware removed a windows file with the lastest update (SE1R61 10.08.2005).
After that he lost his search function in Windows. So you all know

Quote
begin2search Object Recognized!
Type : File
Data : msxml3r.dll
TAC Rating : 3
Category : Data Miner
Comment :
Object : C:\WINDOWS\System32\
FileVersion : 8.20.8730.1
ProductVersion : 8.20.8730.1
ProductName : Microsoft Data Access Components
CompanyName : Microsoft Corporation
FileDescription : XML Resources
InternalName : MSXML3R.dll
LegalCopyright : Copyright © Microsoft Corporation. 1981-2000
OriginalFilename : MSXML3R.dll

Cheers
Mannen

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19424
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: False detection with latest Adaware update?
« Reply #1 on: August 11, 2005, 09:25:21 PM »
Thanks, Mannen.  I quoted your post at BBR since that seems to be where LS R&D watches for issues. 
See http://www.broadbandreports.com/forum/remark,14113563


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19424
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: False detection with latest Adaware update?
« Reply #2 on: August 11, 2005, 10:03:11 PM »
Mannen, LS_SteveJ has responded at BBR asking me to let you know that they are "on the case". 

Did you have the person restore from quarantine and in doing so, did that result in the recovery of the search function in Windows?


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7204
  • Liverpool FC - YNWA
    • View Profile
Re: False detection with latest Adaware update?
« Reply #3 on: August 11, 2005, 11:55:57 PM »
Same on this 2k box ...
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline Mannen

  • LandzDown Team
  • Full Member
  • *****
  • Posts: 98
    • View Profile
Re: False detection with latest Adaware update?
« Reply #4 on: August 12, 2005, 05:38:08 AM »
Corrine

I asked him to copy the lost file first from the dllcache folder to the right folder. If that doesnt help i will ask him to restore the objects Adaware removed (a lot)


Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19424
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: False detection with latest Adaware update?
« Reply #5 on: August 12, 2005, 10:18:16 AM »
To anyone following this thread, it has been confirmed as a f/p.  See Steve's reply in that thread. 

Mannen, thanks! 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7204
  • Liverpool FC - YNWA
    • View Profile
Re: False detection with latest Adaware update?
« Reply #6 on: August 12, 2005, 11:05:03 AM »
NIce of LS SteveJ to confirm what we already knew ...  :shock:

Ad-Aware scans find NOTHING on this box, NEVER ... when this latest def file uncovered something, what do you suppose the logical conclusion is? In fact, the last time a scan found something, it was, guess what?  (Hint:  false positive)

Nice work Mannen ...  :gwave:
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline Jason

  • Sr. Member
  • ****
  • Posts: 321
  • The Onomatopoetic
    • View Profile
Re: False detection with latest Adaware update?
« Reply #7 on: August 12, 2005, 01:24:38 PM »
Well done on swift reporting Mannen :thumbsup:, as it was discovered only minutes earlier during "nightshift" in our "icebear" timezone... :lol:

I'm proud to be a staffmember and one of the participants on your forum Mate... :mrgreen:
In a perfect world, spammers would get caught, go to jail, and share a cell with many men who have enlarged something, taken Viagra and are looking for a new relationship.

EASTER

  • Guest
Re: False detection with latest Adaware update?
« Reply #8 on: August 12, 2005, 05:47:26 PM »
Likewise Mannen, fine heads up and great instincts, you're a credit to this community and valuable in your help to others. Again Thanks.

Offline Mannen

  • LandzDown Team
  • Full Member
  • *****
  • Posts: 98
    • View Profile
Re: False detection with latest Adaware update?
« Reply #9 on: August 12, 2005, 06:30:57 PM »
Thanks all! :D

Without you all wonderful people I shouldn't be where I am today

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19424
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: False detection with latest Adaware update?
« Reply #10 on: August 12, 2005, 08:38:15 PM »
We all learn from each other! 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.