Results 1 to 4 of 4

Thread: False Positive: ExternalParallelRouteRunner.exe

  1. #1
    Junior Member
    Join Date
    Jan 2014
    Posts
    2

    Default False Positive: ExternalParallelRouteRunner.exe

    This is a component of the ADASHI software, which is an application for Emergency Responders. This particular executable is called by the ADASHI program when it needs to generate a vehicle route between 2 points on a street network. The ADASHI software is made by ADASHI Systems LLC, which is the company I work for.
    http://adashisystems.com/

    We noticed today that it was flagged on one of our employees' PCs. We wrote this application's code and compiled it ourselves, so it's definitely not infected. The info on this one is as follows:
    OS: Windows 7 x64
    Browser: IE 10 but it had nothing to do with the browser
    Version of Spybot: 1.6.2.0 (System Settings Protector 1.6.6.32)
    What reported it: Teatimer, updated today 1/27/2014. Our program was launched, it then called ExternalParallelRouteRunner.exe and Teatimer popped up, notifying us that it was infected with Win32.Badur


    I was also able to replicate this on another PC using the latest Spybot:
    OS: Windows 7 32-bit
    Browser: IE 9 (but again, had nothing to do with browser)
    Version of Spybot: 2.2.18.0 (Single file on-demand scanner)
    What reported it: File Scan wherein I selected our application's install folder. It was updated today 1/27/2014. I had initiated a manual scan.

    Interestingly enough, in 2.2.18.0 I did a system scan and it did not flag it. Only when I did File Scan did it pop up.
    Scan log:
    Spybot - Search & Destroy
    File Scanner 2.2.18.135
    Log created at 1/27/2014 2:37:55 PM
    Results Copyright (c) 2009-2014 Safer-Networking Ltd.

    C:\Program Files\OptiMetrics\ADASHI\ExternalParallelRouteRunner.exe
    Win32.Badur (47863CA6)
    Attached Images Attached Images

  2. #2
    Member of Team Spybot micha's Avatar
    Join Date
    Oct 2005
    Posts
    31

    Default

    Hello Jdurkacs,
    Please send us a "ExternalParallelRouteRunner.exe"-file to fp@spybot.info for the further analysis.
    Please, compress the file using the password "infected". Thanks in advance!

  3. #3
    Junior Member
    Join Date
    Jan 2014
    Posts
    2

    Default ok

    Sent. Thanks!

  4. #4
    Member of Team Spybot micha's Avatar
    Join Date
    Oct 2005
    Posts
    31

    Default

    Thank you for reporting this, please ignore this result, it will be removed from our detection database effective with the next detection update scheduled for Wednesday 2014-02-05.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •