Hi, SeniorLinda, I sent you a PM to this topic.
Meanwhile have a look :
http://www.giveawayoftheday.com/forums/topic/6983
graylox
[sticky]
Review Trojan/Virus Reports
(278 posts) (134 voices)-
Posted 14 years ago #
-
SeniorCitizen
MemberDear graylox -- I just wrote on this forum and somehow lost it and it did not get posted. I thanked you for the lead, and then some. I will try again after I check my spam thingy to see if your private message is there. What a day. I am oh so confused. -- Linda.
Posted 14 years ago # -
SeniorCitizen
MemberOh my! I downloaded today's giveaway and just posted on the forum asking if I should install The Cleaner. Is nitin saying that the software is infected?
Posted 14 years ago # -
@ SeniorCitizen and @ nitin
No, that only means that nitin's system has a conflict.
When you are running more than one AV scanner at the same time, they often start a quarrel one against the other, and identify the other as "intruder".
The Cleaner is no scam. It can't be wrong to have several scanners, just be careful when you are running several of them parallel.graylox
Posted 14 years ago # -
SeniorCitizen
MemberThank you for your reply graylox. Have been sitting here in a state of anxiety since I wrote here. I visited the site of The Cleaner's developer (Moo whatever) and got a pop-up that would not allow my computer to open the site. That frightened me even more. I am saddened because my Internet experiences are no longer happy ones and I am fearful of visiting websites.
On another note, just so you know, seems my computer got infected on February 8th or 9th. I hadn't downloaded anything from anywhere that day, including giveaway.
Have a good day.
Posted 14 years ago # -
frannyji
MemberI have just had a problem with a Trojan virus. The program was Simpo PDF Merge & Split which was a recent giveaway. My antivirus program is ZoneAlarm Extreme Security with the most current update. I am using Windows 7. I've been having some problems the last couple of days so ran a scan. The result was as follows:
"Trojan.Win32.Sasfis.aehm was found in
C:\Program Files\Simpo PDF Merge & Split\common.dll on 16/02/2010 16:28:42"Frannyji
Posted 14 years ago # -
GMMan, Hexadecimal Blacksmith
Blocked@nitin: Having a look at it, it's only a heuristic alert. Half the time heuristics provide false positives, and avast didn't report any problems. I say it's safe.
Posted 14 years ago # -
dbpropp
MemberPCHand Screen Capture contains a Trojan?
I downloaded the PCHand Screen Capture/Recorder Suite yesterday. It ran fine several times, but the last time I started it Kaspersy Internet Security 2010 reported a trojan. It said, "PCHand Screen Capture ... is trying to get access to malicious software..."
OBJECT: C:\Program Files (x86)\PCHand Screen...\ImageEditor.exe
TROJAN PROGRAM: Trojan-Dropper.win32.delf.etfOp System: Win Vista Home Premium 64 bit
Virus Software: Kaspersky Internet Security 2010 v. 9.0.0.459 (a,b,c,d)Kaspersky also reported, "A special disinfection procedure is required which demands system reboot..." I will attempt to notify PCHand, the provider, but I don't know if they'll respond due to GAOTD s/w not being supported.
I doubt the PCHand program is intentionally infected, but it is important to report this and try to find a solution. Otherwise the software is useless.
Posted 14 years ago # -
I got the same thing from Kaspersky IS 2010. Trojan-Dropper.Win32.Delf.etf .This was in the file PCHandScreenSuite.zip/screencapture_setup.exe//data0003 Exact ID confirm! I am running the same os as dbpropp, I know that gotd had nothing to do with putting in any viruses lets get that straight right now! i have been a member for a while now, i dont say much but i have never had a problem till now, and i really dont think anyone else has ever had either. The gotd staff works very hard to make this a safe site. Again I thank you for what you do. All of you. this could have been drive-by viruses or any number of things. I have since deleted all files, maybe something like this will come around again or I can get the trial version of it and if it works (safely) buy it from the developer. after all thats why they release these programs in the first place to see if you like it and to hopefully buy updates. Anyway thanks for listening to me rant, when i get a response from the developer i'll also post an update on it. Semper Fi
Posted 14 years ago # -
prs
MemberI had the same trouble with PCHandScreenSuite on my WinXP and Kaspersky IS. Seems like Kasper is the only one with objection to this giveaway. This could well be a false positive. Kasper objected to the zip file itself and hence I did not proceed with the installation. The giveaway of the PCHandScreenSuite on Feb 11 was aborted thanks to Kasper and PCHand assures us that this software is clean (http://blog.giveawayoftheday.com/why-has-pchand-screen-capture-recorder-suite-disappeared/)
I trust my Kasper! Since there are many alternatives to this particular giveaway it is goodbye to PCHandScreenSuitePosted 14 years ago # -
ref: PCHandScreenSuite
I did not install those programmes, so I can't scan the files.
May I remind you, that the giveaway was cancelled February 11, 2010 :
After testing, we found out the most possible reason. One component of PCHand suite, common.dll, is compiled with Delphi former version, and actually, this issue never reported by any security software before. However, Kapersky and Symantec recently (around Feb. 9th) updated the virus library and misrepresented this component contained torjan. Now we are solving this problem.
Could this still be the same problem?
Please upload the file for a scan to:http://www.virustotal.com/
or
http://virusscan.jotti.org/en
or
https://evilfingers.com/projects/NoVirusThanks.phpand report about the outcome.
Thanks.graylox
Posted 14 years ago # -
prs
MemberOn my PC Kaspersky objected to the zip file of PCHandScreenSuite itself and and did not allow me to proceed with the installation. I believed that uploading the zip file to online virus scanners would be fruitless (correct me if I am wrong here) otherwise that would have been the next logical step for me. When Kasper gives a red alert it has to be turned off to proceed with the installation. Not brave enough for that.
Posted 14 years ago # -
You don't have to pay anything - it looks like the install for FILEminimizer Pictures didn't complete correctly for you.
One of the tools that FILEminimizer uses - thinks that it hasn't been registered (Support for the windows context menu). Try uninstalling FILEminimizer and try to install it again.
It might just be a conflict with another program that you have on your system, where the developer also uses the contextmenu.net tool.
I've installed and registered the software without any nag messages appearing at all. It is definitely NOT a virus or spyware. Just a legitimate 3rd party component that believes it hasn't been registered/paid for by Balesio.
Posted 14 years ago # -
Hi! I install ultimate keyloger from GAOTD. and if i open raport (decrypt and run in IE) my firewall is reporting me that the program is trying connect to the Internet. Why in this moment? and what is this? perhaps keyloger inform our autors of my passwords to the bank or mail?
Posted 14 years ago # -
GMMan, Hexadecimal Blacksmith
BlockedI'd say it's a false positive. avast! didn't pick up anything.
Posted 14 years ago # -
I use AVG Internet Security and that didn't pick anything up for me. Don't worry it is a false positive as there have been no virus reports for this giveaway yet.
Posted 14 years ago # -
Please upload it to one of the off-line scanners and post the report here:
online scans:
http://virusscan.jotti.org/en
http://scanner.novirusthanks.org/
http://www.virustotal.com/graylox
Posted 14 years ago # -
TomB
MemberPlease upload it to one of the off-line scanners and post the report here:
That's easier said than done. As mentioned yesterday, the file was removed from my system when reported by AVG as a TROJAN. AVG has a history file, but will not allow me to copy and paste it here. Even if you had these things, what would be done?
Posted 14 years ago # -
Oh, yes, I know this situation from my Kaspersky.
Never mind, I'm quite sure that was no baddy, just a false positive. I didn't download this programme, so I can't upload the file. If there would have been a threat, many more users would have complained about it.
Well it's too late now, for this software, next time your AV makes such problems, try to whitelist the set-up or just close the AV for a while. But be cautious, I would never close my AV for a free programme. When the files are not too big you can scan them with the offline scanners. A sandbox is another way to examine unknown programmes.
In all my years with GOTD I never saw a real virus or trojan. The project team scans every programme before distributing it.graylox
Posted 14 years ago # -
DXEffectTester.exe
DXEffectTester.exe.dat
@TomB:
it's possible that AVG flagged the file, then someone submitted it to them & it has now been cleared as a false positive...these are from this morning...you can see what a VirusTotal report looks like now...also, since Chip also uses AVG, it's possible that one of you didn't have updated definitions, & they now show clean...
@Chip:
there were reports on the international (non-english) GOTD sites (when i read with google translate)...@graylox:
workaround found late yesterday : )
but my problems remain : (Posted 14 years ago # -
dabbler
MemberInstalled InPaint 7/12 found Trojan.Win32.Agent2.ctje with Kaspersky scan updated 7/15/2010.
Confirmed:
http://scanner.novirusthanks.org/analysis/111f93266fa217be2733ec8d1e709481/SW5QYWludDI0LnppcA==/Nothing found with:
http://www.virustotal.com/analisis/58803113208fb4b106a447afd10ee94794bb5e1fd7eed99f266d030b719733ab-1278981443Posted 14 years ago # -
Beaks
MemberInPaint now coming up containing trojan with three scanners now:
File InfoReport date: 2010-07-16 04:08:38 (GMT 1)
File name: Inpaint.exe
File size: 3193344 bytes
MD5 Hash: 1203271adb59269a558c09ba1ab420d5
SHA1 Hash: 74b89690ff190a62e61ab7a644dafd967945b557
Detection rate: 3 on 16 (19%)
Status: INFECTEDDetections
a-squared -
Avast -
AVG -
Avira AntiVir -
BitDefender -
ClamAV -
Comodo -
Dr.Web -
F-PROT6 -
G-Data - Trojan.Win32.Agent2.ctje A
Ikarus T3 -
Kaspersky - Trojan.Win32.Agent2.ctje
NOD32 -
Panda -
TrendMicro -
VBA32 - Trojan.Win32.Agent2.ctfcScan report generated by
NoVirusThanks.orgPosted 14 years ago # -
Has anybody sent it to Kaspersky's lab? I couldn't.
I have some trouble with my puter - not virus related - and gave up after some time. I still think it's a false positive.
But you never know....Posted 14 years ago #
Reply »
You must log in to post.