[CLOSED] False sasser B worm?
3 posts
• Page 1 of 1
[CLOSED] False sasser B worm?
by rise09 » Mon, 02 Jul 2012, 12:54
Hi,
I’ve installed Panda internet security about a month ago for our small business laptop. We are running windows 7 Home Premium.
Programs on machine are for business use, one is MYOB accounting software, the other is PPG Access Business Manager.
Both of these programs have been installed for over 18 months, and have never had any issues.
However this morning PPG Business manager failed to open (after Panda updated)
One of the main options (Equoting - file name eq32.exe) within Busienss Manager has been quarantined by Panda.
when I took it out of quarantine, excluded it from scans and tried to open, a Panda pop up window advised it contained a virus and said "restart to send to quarantine" I clicked the virus link in the panda window, which directed me to the virus encylopedia, advising that I had a Sasser B worm infection.
I updated virus definitions, ran a scan – came up clear. Restarted, ensured I had restored the file from quarantine and scanned again – came up clear.
Went to Microsoft site on another pc, downloaded the Microsoft malicious repair tool – backed up to USB, ran this off the USB on my laptop – came up saying no threats found.
Went back to Panda site, downloaded the Panda worm removal tool, said no threats found.
Connected to Panda again, ran another full system scan – no threats found.
Still when I try to open my program, it says it is being sent to quarantine as it is has a virus. Am currently running yet another full system scan, and the malicious software removal tool on the entire pc, so far nothing found, and it's already passed by the folder containing the eq32.exe file.
The file itself is part of an E-quoting package we, pay a monthly subscription fee to, which accesses all of our job details, part numbers, invoices – everything! I have tried to disinfect and restore it, but nothing happens. Even after restarting.
I believe it may be a false positive, we have no other symptoms, pc does not shut down or anything like that.
I just need to be able to access our database, it’s end of financial year here and I have literally got one day to tie everything up. Is there a way i can still use the prgram and get panda to stop quarantining it? (have excluded it form scans - no luck)
Any help you could offer asap would really be appreciated.
I’ve installed Panda internet security about a month ago for our small business laptop. We are running windows 7 Home Premium.
Programs on machine are for business use, one is MYOB accounting software, the other is PPG Access Business Manager.
Both of these programs have been installed for over 18 months, and have never had any issues.
However this morning PPG Business manager failed to open (after Panda updated)
One of the main options (Equoting - file name eq32.exe) within Busienss Manager has been quarantined by Panda.
when I took it out of quarantine, excluded it from scans and tried to open, a Panda pop up window advised it contained a virus and said "restart to send to quarantine" I clicked the virus link in the panda window, which directed me to the virus encylopedia, advising that I had a Sasser B worm infection.
I updated virus definitions, ran a scan – came up clear. Restarted, ensured I had restored the file from quarantine and scanned again – came up clear.
Went to Microsoft site on another pc, downloaded the Microsoft malicious repair tool – backed up to USB, ran this off the USB on my laptop – came up saying no threats found.
Went back to Panda site, downloaded the Panda worm removal tool, said no threats found.
Connected to Panda again, ran another full system scan – no threats found.
Still when I try to open my program, it says it is being sent to quarantine as it is has a virus. Am currently running yet another full system scan, and the malicious software removal tool on the entire pc, so far nothing found, and it's already passed by the folder containing the eq32.exe file.
The file itself is part of an E-quoting package we, pay a monthly subscription fee to, which accesses all of our job details, part numbers, invoices – everything! I have tried to disinfect and restore it, but nothing happens. Even after restarting.
I believe it may be a false positive, we have no other symptoms, pc does not shut down or anything like that.
I just need to be able to access our database, it’s end of financial year here and I have literally got one day to tie everything up. Is there a way i can still use the prgram and get panda to stop quarantining it? (have excluded it form scans - no luck)
Any help you could offer asap would really be appreciated.
- VirusBuster
-
- Posts: 1620
- Joined: Mon, 02 Apr 2012, 17:53
- Location: Panda HQ - Bilbao
Re: False sasser B worm?
by VirusBuster » Tue, 03 Jul 2012, 07:48
If you suspect its a false positive detection, send the file password compressed to falsepositives@pandasecurity.com
You can also submit the file to VirusTotal to check if other vendors are detecting it
You can also submit the file to VirusTotal to check if other vendors are detecting it
Regards,
Jorge Torre
TechSupport Department, Panda Security
Retail & Malware Team
I don't reply to private messages unless I have previously requested them
Jorge Torre
TechSupport Department, Panda Security
Retail & Malware Team
I don't reply to private messages unless I have previously requested them
- VirusBuster
-
- Posts: 1620
- Joined: Mon, 02 Apr 2012, 17:53
- Location: Panda HQ - Bilbao
Re: False sasser B worm?
by VirusBuster » Wed, 11 Jul 2012, 11:15
Closed due to lack of response
TOPIC CLOSED
TOPIC CLOSED
Regards,
Jorge Torre
TechSupport Department, Panda Security
Retail & Malware Team
I don't reply to private messages unless I have previously requested them
Jorge Torre
TechSupport Department, Panda Security
Retail & Malware Team
I don't reply to private messages unless I have previously requested them
3 posts
• Page 1 of 1
Return to Virus - Archive Issues
Who is online
Users browsing this forum: No registered users and 1 guest