I tried to download the newest copy of OTL today to use at work in scanning some client machines and found that I was unable to do so as our Symantec Enterprise was detecting it as malware. The false positive is showing up as Backdoor.Graybird. I downloaded it on my home machine remotely and did an online scan with VirusTotal. 6 of 42 scanners picked it up as some sort of malware. The manufacturers who are detecting it as a false positive are ClamAV (PUA.Packed.PECompact-1), Dr. Web (Trojan.Siggen3.61192), eSafe (Suspicious File), PCTools (Backdoor.Graybird!rem), Symantec (Backdoor.Graybird), and VirusBuster (Packed/PECompact). The MD5 of the file I got is fdf885ff476835b873d728abfe987d92 and it was downloaded directly from the main dist. source of http://oldtimer.geekstogo.com/OTL.exe.
Scan results can be seen here: https://www.virustot...sis/1336080118/
I will be alerting the anti-malware manufacturers as well so that the false positive detection can be removed.
Just wanted to make sure someone out there was alerted.
Edited by SongCloud, 03 May 2012 - 03:40 PM.