MaxxMEMM2 shows as infected with malware when started.

  • 13 November 2013

Hello,
 
I am getting an infection alert from Webroot SecureAnywhere that a program I've used in the past is infected with malware. This is a new install of a newer version, so I am not willing to infect my computer, but I would like to find any research that shows this as an active threat, not just a guess.
 
The program in question can be found here: http://occlub.ru/forum/showthread.php?t=859
The threat is specified as "ogtahsib.pdr" and is located in \users\"username"\appdata\local\temp

Apparently this program generated this threat when run, as it was not found during download or by scanning the download.
 
Anyone?

I will need an MD5 of the detection in order to check out the detection. That d/l for the program in the link is good in our database. Can you reply with an MD5 or the piece from the scan logs where the detection is shown?
Don't have any MD5 or pieces, the scan log said it was located as "ogtahhsib.prd in c:\users\marjamar\appdata\local\temp".  Is there a way to get from my system something else you need?  That file isn't to be found at the location stated.  I suppose Webroot deleted it.
Hello marjamar and welcome to the Webroot Community Forums!


 
Please right-click on the Webroot tray icon by the clock and choose Save a Scan Log, saving it to a place like the Desktop. It will open up; look for the line or lines Roy has asked for above.
Example: [g] c:\program files (x86)\mozilla firefox\plugin-container.exe [MD5: 2A43A30EF7FCFD1284F8C3318B784A68] [Flags: 40101000.1252]
 
Or you can save a scan log this way: http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C11_ReportsandViewers/CH11a_SavingScanLog.htm
 
HTH,
 
Daniel 😉
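
An added example, not part of the original posts: a small Python parser for scan-log lines laid out like the example line quoted above, returning the MD5 of every logged file under a given folder (useful when the exact file name is uncertain). The line layout is assumed from that single example; the sample log text, the user name `example`, the file name `sample.tmp` and the second MD5 are constructed.

```python
import re
from typing import List, NamedTuple, Optional

# Layout assumed from the one example line in the thread:
#   [tag] <path> [MD5: <32 hex digits>] [Flags: <value>]
LINE_RE = re.compile(
    r"^\[(?P<tag>[^\]]+)\]\s+(?P<path>.+?)\s+"
    r"\[MD5:\s*(?P<md5>[0-9A-Fa-f]{32})\]"
    r"(?:\s+\[Flags:\s*(?P<flags>[^\]]+)\])?\s*$"
)

class Entry(NamedTuple):
    tag: str
    path: str
    md5: str
    flags: Optional[str]

def parse_line(line: str) -> Optional[Entry]:
    """Parse one log line; return None for lines that carry no MD5 entry."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    return Entry(m["tag"], m["path"], m["md5"].upper(), m["flags"])

def find_entries(log_text: str, path_fragment: str) -> List[Entry]:
    """Entries whose path contains path_fragment (case-insensitive)."""
    needle = path_fragment.lower()
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is not None and needle in entry.path.lower():
            hits.append(entry)
    return hits

# Constructed sample: the first entry is the example line from the thread,
# the second is made up for illustration and is not real scanner output.
SAMPLE_LOG = r"""
some header line that is not a file entry
[g] c:\program files (x86)\mozilla firefox\plugin-container.exe [MD5: 2A43A30EF7FCFD1284F8C3318B784A68] [Flags: 40101000.1252]
[g] c:\users\example\appdata\local\temp\sample.tmp [MD5: 00112233445566778899aabbccddeeff] [Flags: 00000000.0]
"""

if __name__ == "__main__":
    # Search by folder rather than by exact file name.
    for e in find_entries(SAMPLE_LOG, r"appdata\local\temp"):
        print(e.path, e.md5, e.flags)
```
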
The last date in the log is 2013-11-7, which is 6 days ago.  I would think that log file should have up to today's date, as this event happened just a few hours ago.  So, no MD5 or other pieces that I can find in that log file.
Can you please Submit a Support Ticket, as the support inbox can find out what's happening and also make sure your system is clean of malware, as they have a log gathering tool they can send you.
 
Thanks,
 
Daniel 😉
