Generic Dropper found in two files

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by pbrown12303, Oct 30, 2009.

  1. pbrown12303

    pbrown12303 Private E-2

    My McAfee virus on-access scanner reported a generic dropper in C:\Program Files\Zada Solutions\World Clock\Uninstal.exe this morning. It got moved to the quarantine folder. This afternoon it found another in C:\quarantine\A0198940.exe.Vir (looks like this was moved before the name was taken for the log entry).

    I am trying to determine the source of these - any ideas?
     
    pbrown12303, Oct 30, 2009
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Most likely a false positive. Did you install this program yourself.

    The C:\quarantine folder is McAfee's own folder used for quarantining problems. This is probably where it has been moving the files to when it detected them. The A0198940.exe file is most likely a copy of the same file but just from System Restore since that is how System Restore names files.
     
    chaslang, Nov 1, 2009
    #2
  3. pbrown12303

    pbrown12303 Private E-2

    The World Clock was installed more than a year ago. The warning about the generic dropper just appeared.
     
    pbrown12303, Nov 2, 2009
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes but McAfee updates multiple times per week and now they are detecting it as a problem. As I stated, it is probably just another false positive.
     
    chaslang, Nov 4, 2009
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds