Pr0tocollage Posted October 27, 2012 Share Posted October 27, 2012 (edited) False Positive or real PAK.generic.005? Trend Micro Titanium 2012 found & removed PAK.generic.005 in http://oblivion.nexusmods.com/mods/16622 OBSE -Elys - Universal Silent Voice v93-16622. C:\users\Frya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TIG9LZBD\OBSE–Elys- Universal Silent Voice v93-16622[1].zip\Elys_USV.dll. Removed from Tempfiles beforeactual browsers download-permission, see attachedscreenshot.Too many different aliasses on PC1news to make headsor tails from it, it's been called Trojan (downloader, dropper and backdoor),spyware, adware, fakeAV, BHO (search), worm and dialer. 1 initial infection can'thave that many functions, unless……. one of Microsoft-aliasses is Backdoor:Win32/Blackhole.S, the dreaded exploitkit. The entries [McAfee] : Vundo, [bitDefender] : Trojan.Vundo.DMA, [Kaspersky] not-a-virus:AdWare.Win32.Virtumonde.jp& [NOD32v2] Win32/Adware.Virtumonde alsocought my attention (Vundo = Virtumonde, it's adware for fakeAV). Is it a false positive? After all, the mod isdownloaded already 211.838 times. Edited October 27, 2012 by Pr0tocollage Link to comment Share on other sites More sharing options...
Hickory Posted October 27, 2012 Share Posted October 27, 2012 It's a false positive. Zero detections on VirusTotal. Link to comment Share on other sites More sharing options...
Pr0tocollage Posted October 27, 2012 Author Share Posted October 27, 2012 It's a false positive. Zero detections on VirusTotal. Thank You. Link to comment Share on other sites More sharing options...
Lanceor Posted October 28, 2012 Share Posted October 28, 2012 To give you a little more confidence in it, I've used that plugin for the last couple of years and so far my computer hasn't self destructed or done anything wierd. Link to comment Share on other sites More sharing options...
Recommended Posts