Yesterday, when using my laptop, I have a WSA mesage: "this site is not secure".
Then I saw on the security bookmark: "1 threat has been elimanted".
Is it possible to see what was this threat?
Best answer by Rakanisheu Retired
View originalBest answer by Rakanisheu Retired
View originalHello Roy,@ wrote:
I think we have got mixed up that screenshot is related to the file that I have already whitelisted. That message from Windows is due to the fact that you are downloading a .exe. Its normal and isnt anything to do with Webroot. That file is good in our database.
Hi@ wrote:
Hello Robert I can't tell for sure but to me it looks like an FP and I did a Search on VT using your MD5 Hash File D2AFB7BBE8DDF4C4BD05537BD1598870 as only Symantec came up with some kind of detection so it's best to wait for a conformation from Roy or another Threat Researcher. I wish Webroot was listed on VT as I made a suggestion maybe if a few more will Kudo it they will look at again as it's on Hold. http://community.webroot.com/t5/Ideas-Exchange/Adding-a-Webroot-SDK-to-VirusTotal/idi-p/7462#.UdBubW2DmJO :D
HTH,
Daniel ;)
I agree Daniel. If I could cheat and Triple Kudo it, I would. 😃@ wrote:
I wish Webroot was listed on VT as I made a suggestion maybe if a few more will Kudo it they will look at again as it's on Hold.
Thanks Daniel for the info;)@ wrote:
Hi Robert you can call him Roy if you like!
Daniel
Another think that I don't understand is that the page above reports always that the file hdctrlex.dll is a "fraudulent security program".@ wrote:
Thanks Rakanisheu:D@ wrote:
You wont need to submit logs, I found the file in our database and its now good. Saves you doing any work :)
But I don't understand the link given by Jim:@ :
http://www.prevx.com/filenames/X460799281356301372-X1/HDCTRLEX.DLL.html#nogo
Can you explain to me ?
Thanks Rakanisheu:D@ wrote:
You wont need to submit logs, I found the file in our database and its now good. Saves you doing any work :)
Thanks Jim@ wrote:
I don't see Rakanisheu online this morning, but I might be able to help.
It's hard to say just based on the file name. The file name alone doesn't tell us as much as the MD5 of the file would. The MD5 is submitted automatically when you contact us via the support system, which is why we suggest using that system in all cases of false positives or infections.
That said, I'm leaning more towards it being an infection, based on this. However, we won't really know for sure until we get a closer look, since file names alone can be misleading. If you update your support case, we can provide a better answer since we'll have more data to go on.
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.