Virus alert 'Packed.Win32.Tibs.ez' in einstein_SR4.15_windows_intelx86.exe
20 Dec 2007 21:15:36 UTC
Topic 193385
(moderation:
I've just had a succession of virus alert when downloading new job.
Kaspersky identifiate it as 'Packed.Win32.Tibs.ez' virus signature.
With no more information from einstein, I suspend all einstein jobs.
Virus alert 'Packed.Win32.Tibs.ez' in einstein_SR4.15_windows_in
)
Most probably a false positive. If there were to be a virus in the executable, a lot more people with different virus scanners would complain about it.
Same issue here... seems to
)
Same issue here... seems to be no way to tell KIS7 to ignore it though...
I too am getting the same
)
I too am getting the same virus warning.
All with Kaspersky?
)
All with Kaspersky?
Yes with Kaspersky. The
)
Yes with Kaspersky. The virus was just added to their database on 12/20/2007. Kaspersky typically updates their definitions much more quickly then other companies, so I wouldn't be too quick to label this false positive yet just because other anti-virus engines are not detecting it.
RE: I've just had a
)
12/20/07 6:06pm CST
I just got the same message, and the file is in my einstein directory. I too will suspend this project until I get an :all clear: from the project manager.
Tspecht-[at]-swri.edu
I've just sent the exe
)
I've just sent the exe Einstein file to Kaspersky Labs.
They probably give us more information on friday.
I'll keep you informed.
RE: I've just had a
)
Your first message seemed to suggest that the virus alerts came from data file(s) you were downloading.
I presume you have had the Einstein .exe for a while so why are you sending the .exe? Are you saying that the .exe has become infected from the downloaded data?
Cheers,
Gary.
Hi Gary Not really. I
)
Hi Gary
Not really. I didn't modify anything in the way the data is processed.
You are right : This alert points to the EXE file, but this could happen when the task change from one project to the Einstein one, according to new tests perform by Kaspersky (virus signature update).
Then, the alert has no connection with the data transfer. You are right.
I'm having the same alert
)
I'm having the same alert from Kaspersky Internet Security 6, with signatures published on 21-12-2007 at 01:48:47.
But my filename is: einstein_S5R3_4.15_windows_intelx86.exe
KIS detected this threat in a running module and in the file.
I'm going to delete the file, because KIS can´t desinfect it.
Support ppl, please give some feedback.