Sign in to follow this  
Followers 0
EdWilson

exe's recognized and deleted as Deeterohms by CA

5 posts in this topic

I've had compiled scripts deleted from my machine where it appears that CA eTrust Threat Management Agent recognized the script as a Deeterohms virus and deleted them PLUS (appears but not certain) at least the AutoitSC.bin file, and I had trouble uninstalling and reinstalling AutoIT because of a now missing aut2exe.exe file. (that hurdle is now cleared, I've reinstalled and I can complile again.)

I emailed virus@ca.com with source code, exe, and log file info.

Anybody else experience the same?

http://www.ca.com/us/securityadvisor/virusinfo/virus.aspx?ID=137356

Share this post


Link to post
Share on other sites



The issue hit us hard today. We opened a case with CA, they acknowledged a false positive, and they are issuing new signatures tonight to fix the problem.

Share this post


Link to post
Share on other sites

The issue hit us hard today. We opened a case with CA, they acknowledged a false positive, and they are issuing new signatures tonight to fix the problem.

Thanks. Good to know about the new signatures tonight. (...and sorry it hit you hard)

Share this post


Link to post
Share on other sites

This issue hit my company hard also. I have downloaded the latest CA eTrust AV file (version: 36.1.7997) and it preliminarily looks like it fixes the problem. As I test further, I will post any more problems here.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0