command on demand result

Hello all,

I conducted a command on demand webscan earlier and came up with these results:

File: 00003
Virus: could be a destructive program
State: Infected

This location was given: C:\WINDOWS$NtUninstallKB890923$\reg00003

I afterward ran a Symantec test and there were no virii or bugs found.

Could this be a false alarm reading?

The KBxxxxx file relates to a security patch for Internet Explorer 6, SP 1.
(I have SP 2 now) and the NTUninstall files relate to uninstalling security patches from Microsoft.

avast! does not appear to scan the NTUninstall files, which is not a major concern.

Anyway, what do you think?

Thanks again.

~chameleon.

P.S: I have not deleted the Command on Demand item, deferring to your expertise before such an action.

If possible, submit the file to Jotti and see what it says.

Jotti: http://virusscan.jotti.org

Thanks. :slight_smile:

I will keep that link in mind for the future.

I meant to post an edit that in my haste shutting down the computer, for another reason, I think I accidently deleted the suspect item.

Command on Demand showed no infected items when I did a second scan, so all evidence is gone.

I will just put it down to a weird thing and assume it wasn’t important either way. But I will keep this post up in case anyone else has this odd problem.