"Dustin Cook" <bughunter.dustin@gmail.com> wrote in
news:1168441728.831692.122540@o58g2000hsb.googlegr oups.com:
>
> louise wrote:
>> Dustin Cook wrote:
>> > louise <louise@invalid.invalid> wrote in news:50fl5uF1felp9U1
>> > @mid.individual.net:
>> >
>> >> Bughunt, which I've used for the first time, found
>> >> windows/system32/instsrv.exe to be a "bug" and I chose to
>> >> rename it. I'm running XP Pro
>> >>
>> >> I then looked on my portable and discovered the same file there.
>> >>
>> >> Is it a bug? Should I name it back?
>> >>
>> >> TIA
>> >>
>> >> Louise
>> >
>> >
>> > Hi Louise... Could you send me the file for analysis?
>> > raidslam@yahoo.com.remove.to.email
>> >
>> > It most likely is a false alarm, and if so, I'd like to remove it
>> > from the signature files. You can always send me the bughunt.log
>> > file if you'd prefer, that will provide me the information I need
>> > to pull the record...
>> >
>> >
>> sent - please let me know.
>>
>> Louise
>
> Hi Louise,
>
> Sorry for the delay in getting back to you. The file is indeed a false
> alarm; no need to rename or delete it. It will be removed in the next
> signature release, which should be by friday I'm hoping. Thanks for
> bringing it to my attention!
>
>
Scratch this... I've decided the program isn't necessarily legitimate,
and BugHunter should scan for it. The File I thought it was isn't. This
program you sent is packed with UPX and is protected. Unless you've
specifically installed this, BugHunter is right in targeting it.
File: INSTSRV.exe
Status:
INFECTED/MALWARE
MD5 2d1521dfb7b01d0c4679195b1abccba2
Packers detected:
UPX
Scanner results
Scan taken on 11 Jan 2007 03:51:47 (GMT)
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found Tool.InstSrv
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found Misc/Instsrv
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing
--
Dustin Cook
Author of BugHunter - MalWare Removal Tool -V2.0
web: http://bughunter.it-mate.co.uk
email: bughunter.dustin@gmail.com.removethis
Last updated: January 4th, 2007
Reply With Quote