RaMoscow
21.11.2008, 12:38
сегодня запустил на ноуте асер касперский секьюрити 2009.
сообщил об опасном ПО и предложимл запретить - OBRCheck.
поиск выдал следующее:
File info:
(HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cur rentVersion\Run: [eRecoveryService] C:\Windows\System32\Check.exe)
COMMENTS: OBRCheck
COMPANY NAME: acer Inc.
FILE DESCRIPTION: OBRCheck
FILE FOLDER: %SYSTEM%
FILE NAME: check.exe
FILE SIZE: 245,760 KB
FILE VERSION: 1.0.0.1
INTERNAL NAME: OBRCheck.exe
LEGAL COPYRIGHT: acer Inc. All rights reserved.
MD5 SIGNATURE: 61142fe8173a8b244aa5bfafba34aa0b
ORIGINAL FILE NAME: OBRCheck.exe
PRODUCT NAME: OBRCheck
PRODUCT VERSION: 1.0.0.1
SPECIAL FOLDER: SYSTEM
We have removed the file from detection.
This issue is fixed in the current releases, 0024.0000 and SE1R194.
Thanks once again for bringing this to our attention http://www.lavasoftsupport.com/style_emoticons/default/smile.gif
Regards,
LS Pekka
Lavasoft Research
а также:
The process OBRCheck (http://www.google.com/search?q=%22OBRCheck%22) belongs to the software OBRCheck (http://www.google.com/search?q=%22OBRCheck%22) or Wanadoo UK (http://www.google.com/search?q=%22Wanadoo UK%22) by acer Inc (http://www.google.com/search?q=%22acer Inc%22) or Wanadoo (http://www.wanadoo.fr/) (www.wanadoo.fr).
Description: Check.exe is located in the folder C:\Windows\System32. The file size on Windows XP is 245760 bytes.
The program has a visible window. Program starts upon Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\RunOnce). The file is not a Windows core file. Check.exe is able to record inputs. Therefore the technical security rating is 26% dangerous.
в общем, поскольку у меня именно асер и именно ноут, где эта утилита связана с восстановлением - лавасофт поправили свой антивирус, возможно, касперский тоже мог бы промсотреть этот файл.
сообщил об опасном ПО и предложимл запретить - OBRCheck.
поиск выдал следующее:
File info:
(HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cur rentVersion\Run: [eRecoveryService] C:\Windows\System32\Check.exe)
COMMENTS: OBRCheck
COMPANY NAME: acer Inc.
FILE DESCRIPTION: OBRCheck
FILE FOLDER: %SYSTEM%
FILE NAME: check.exe
FILE SIZE: 245,760 KB
FILE VERSION: 1.0.0.1
INTERNAL NAME: OBRCheck.exe
LEGAL COPYRIGHT: acer Inc. All rights reserved.
MD5 SIGNATURE: 61142fe8173a8b244aa5bfafba34aa0b
ORIGINAL FILE NAME: OBRCheck.exe
PRODUCT NAME: OBRCheck
PRODUCT VERSION: 1.0.0.1
SPECIAL FOLDER: SYSTEM
We have removed the file from detection.
This issue is fixed in the current releases, 0024.0000 and SE1R194.
Thanks once again for bringing this to our attention http://www.lavasoftsupport.com/style_emoticons/default/smile.gif
Regards,
LS Pekka
Lavasoft Research
а также:
The process OBRCheck (http://www.google.com/search?q=%22OBRCheck%22) belongs to the software OBRCheck (http://www.google.com/search?q=%22OBRCheck%22) or Wanadoo UK (http://www.google.com/search?q=%22Wanadoo UK%22) by acer Inc (http://www.google.com/search?q=%22acer Inc%22) or Wanadoo (http://www.wanadoo.fr/) (www.wanadoo.fr).
Description: Check.exe is located in the folder C:\Windows\System32. The file size on Windows XP is 245760 bytes.
The program has a visible window. Program starts upon Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\RunOnce). The file is not a Windows core file. Check.exe is able to record inputs. Therefore the technical security rating is 26% dangerous.
в общем, поскольку у меня именно асер и именно ноут, где эта утилита связана с восстановлением - лавасофт поправили свой антивирус, возможно, касперский тоже мог бы промсотреть этот файл.