Skip to main content

false positive Naver Whale

Comments

6 comments

  • Customer

    Hi jee soo lee,

     

    Thanks for your report. To confirm, the files we checked are:

     

    File: IETabDriver.exe

    MD5: c103a08d9f2f9e2d18eedab0e376b481

     

    File: whale.exe
    MD5: 9969650dab84c15ab0d8a69b7a827e9f

     

    These two files are not currently detected.

     

    Regards,

     

    Andy

    Lavasoft Malware Lab

    0
  • Customer

    Yes, I can see the detection in the screenshot/xml file, but I can't recreate it with the files you uploaded. Maybe we're looking at different files.

     

    Can you check the md5's of the detected files you're testing with and compare them with the files below? Are they the same, or different?

     

    File: IETabDriver.exe

    MD5: c103a08d9f2f9e2d18eedab0e376b481

     

    File: whale.exe
    MD5: 9969650dab84c15ab0d8a69b7a827e9f

     

    Thanks,

     

    Andy

    0
  • Customer

    thank you for your answer

    after your reply, i've checked this again,

    but still be detected

    i attached the link of the screenshot

    https://drive.google.com/open?id=0B4IUsxrv-kNsQzZTUnBQNGdGb3M

     

    could you mind checking this problem again?

     

    regards.

     

    jee soo lee

    Naver corporation

    0
  • Customer

    we have compared MD5 of those two files with ours, and they are the same.

    but could you mind checking the error again using the file i attached(named : whale_install.zip)? this file is the combined file with those two file (usually, users use this file so, i think using this is more accurate)

    and which window's version did you test in ? we have tested on the window 7(64bit), so i ask you to test on win 7(64bit).

    and please check your UAC setting (the screen shot of our UAC setting is attached, please refer to this)

     

    this is link of the file and screen shot,

    https://drive.google.com/open?id=0B4IUsxrv-kNsQzZTUnBQNGdGb3M

     

    i really appreciate your help.

     

    sincerely

     

    jee soo lee

    Naver corporaion.

    0
  • Customer

    Using the installer, I was able to recreate the detection on IETabDriver.exe. The md5 for that file was different from the original one that we tested with (md5: 0f0ec27159eda4c9bad814d28bda0e59).

     

    This is an FP and will be removed from detection.

     

    I wasn't able to recreate the detection on whale.exe. The md5 of the file installed using the installer is d574b68650c68f8941dbc16f86d56a2f, which is also different from the file we originally tested.

     

    Can you upload the version of whale.exe that is being detected please?

     

    Andy

    0
  • Customer

    thank you for your helping,

     

    we also have checked two files and there is problem of 'ietabdriver.exe' only, so it might not need to check about 'whale. exe' again

    i really appreciate your help and if there is any other problems about this, i'll contact again

    thank you

     

    sincerely

    jee soo lee

    Naver corporation.

    0

Please sign in to leave a comment.