Problemo with system file

CAV detects the attached file as Heur.PEBomb, whereas CIMA says that there isn’t anything wrong with it. What’s up?

Please note that the attached file is a RAR archive containing the supposed infected file. The archive is password protected, so that if the file happens to be dangerous, no one can extract it without the password. You will not get the password unless you are a moderator, administrator, or part of the Malware research team.

You did it right regarding the creation of a passworded archive, but you shouldn’t post the attachment with a notification here.

You need to submit the archive to malwaresubmit[at]

according to the rules here

How to report False Positives/Suspicious Files & How to Submit them

Oh yes, don’t worry, I’m not that stupid. I “get” to help idiots remove their infections. I know how stupid people can be.

I’ll submit the archive. Thanks.

I don’t want to start any confrontation here but not only “idiots” and “stupid people” can get infected.
Therefore I would restrain myself from making such conclusions.

You suspected that a system file was flagged. That could be either a False Positive detection or it is an infected file indeed (virtually any file can be poisoned by a 3rd party).

If the latter is confirmed… then …. :wink: …no conclusions…

Let’s hope that will be sorted out soon by the developers.

Yes, I do know that. However, the ones I’m referring to are the ones that delete the Windows folder, because it was taking up too much space.
Windows doesn’t allow you to see the contents of the folder for a reason. So they delete the folder.

I wasn’t referring to people with less knowledge, just those who don’t use common sense.

Thought I should clarify.

Submitting the file to CIMA will also send details of the file to the virus labs but won’t inform them of it being a FP. If you email CIMA and VirusTotal report, that will help the guys fix the FP and check the Heuristics engine.