TDL3 Razor as Heur.Suspicious@112418658 Database 6376

I’ve got a false positive with Database 6376

TDL3 Razor is a free utility from Tizer Secure™ for the detection and safe removal of TDL3 rootkit.

2010-10-13 15:32:01      Antivirus Alert      Heur.Suspicious@112418658      C:\sysclean\TDL3 Razor\tdlrazor.exe      2010-10-13 15:32:11      False Positive             
2010-10-13 15:32:11      Defense+ Alert      7zFM.exe is trying to create a new file or directory      7zFM.exe is a safe application. It is about to create a new file/folder C:\sysclean\TDL3 Razor\TizerBruteForceEx.sys. This usually happens when you install or update an application, or when you download a file from the Internet or copy it from another source. If you are not performing any of these operations, you may consider blocking this request.      2010-10-13 15:32:13      Allow      Remember        

Hello Regression,

Thank you for your submission. We’ll check this and get back to you soon.

Best regards,
FlorinG

Hello Regression,

This False Positive has been fixed. You can check with Virus Signature Database version 6384 and confirm it.

Best regards,
FangFang

Thanks guys that was a fast reaction :wink:

Tested with 6388 :-TU

( Old check 1FP/39 http://www.virustotal.com/file-scan/report.html?id=650400942c8c7c40f6c2a72797a7512b75c708cc78de88fee172fffdf53f9c7e-1286978653

Last check 0/43 http://www.virustotal.com/file-scan/report.html?id=650400942c8c7c40f6c2a72797a7512b75c708cc78de88fee172fffdf53f9c7e-1287064827 )