Is virus detection info/data shared between some vendors?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
CA Anti-Virus deleted some Sony VAIO program files:

File infection: C:\PROGRAM FILES\SONY\WELCOME TO VAIO LIFE\VT.EXE is
Win32/Droplet.IE trojan. Deleted
File infection: C:\PROGRAM FILES\SONY\WELCOME TO VAIO LIFE\WTVL.EXE is
Win32/Droplet.IE trojan. Deleted
File infection: C:\PROGRAM FILES\SONY\WELCOME TO VAIO LIFE\IA.EXE is
Win32/Droplet.IE trojan. Deleted

I'm quite sure these aren't trojans.
But, may AV engines seem to think so:
http://www.virustotal.com/analisis/0512dd6307d738910e9dae71873fd4a2292b
9c56a19665ae3b3d4fed883ac970-1243732598

Do some AV companies share this kind of virus detection data among
themselves, or is all detection info derived independently by an AV
vendor?


Re: Is virus detection info/data shared between some vendors?

Cyberiade.it Anonymous Remailer wrote:
Quoted text here. Click to load it

Are you so sure of Sony these days?
Didn't they distribute a rootkit to disable some CD burners awhile back?
I so distrust those bastards that I opted for a Vizio rather than a
Bravia last xmas when I has a choice.

Re: Is virus detection info/data shared between some vendors?

wrote in message
Quoted text here. Click to load it

There is some sharing, but the results you see are probably because of
how much code is in common with the legitimate programs and the malware.
Try again and you may get different results as the vendors react to
these false positives.



Re: Is virus detection info/data shared between some vendors?


System Suite 9 (using the sunbelt antivirus engine) has just detected
the same
virus in the same sony files and quarentined them!

Trojan.win32.generic - in c:\program files\sony\welcome to Vaio
life\ia.exe
Trojan.horse - on c:\program files\sony\welcome to Vaio life\vt.exe


I assume these files are NOT taited or dangerous since I've lived with
them for
5 years now?

Does anyone know what features and/or functions might be affected by
this
quarentine?

Duftopia


--
Duftopia
------------------------------------------------------------------------
Duftopia's Profile: http://forums.techarena.in/members/121979.htm
View this
thread: http://forums.techarena.in/antivirus-software/1189566.htm

http://forums.techarena.in


Re: Is virus detection info/data shared between some vendors?

Duftopia wrote:
Quoted text here. Click to load it

Trojan.win32.generic is a baddie, but it's hard to remove. Google the
file name plus "remove" to find help (and all the horrifying details.)

Quoted text here. Click to load it

Five years, eh? FWIW, Sony was soundly trashed for including a rootkit
on its CDs, which installed itself when you played them on a computer,
and messed up copying or ripping tunes. AFAIK, Sony has cleaned up its
act. But you have a machine old enough to predate that little mess, so
IMO these are Sony's way of enforcing its intellectual property rights.

Quoted text here. Click to load it

Quarantine prevents them from doing their thing (though they may have
executed before you did the scan.) So if you see no changes in your
machine, it should be safe to tell Suite 9 to remove them. That's what I
would do.

OTOH, wait for a few more answers, some people will have direct
experience of this malware, and therefore have better advice.

HTH
wolf k.

Re: Is virus detection info/data shared between some vendors?

Quoted text here. Click to load it

I suspect a false positive declaration.

You can probably find out what these programs actually do from Sony. My
guess is that your AV will eventually stop alarming on them.

You could submit the suspect files to jotti.org or virustotal.com to see
what other products think of them.



Re: Is virus detection info/data shared between some vendors?


Yes it looks like a false response, SONY has its ways but they never
totally crippled me, although the rootkit they sent out a few year ago
did get me a bit angry.

Thanks for your advice!

Duftopia


--
Duftopia
------------------------------------------------------------------------
Duftopia's Profile: http://forums.techarena.in/members/121979.htm
View this thread: http://forums.techarena.in/antivirus-software/1189566.htm

http://forums.techarena.in


Site Timeline