Announcement

Collapse
No announcement yet.

Virus ??

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Virus ??

    Kaspersky reports a virus when I attempt to download BC3 Version 461:

    detected: virus Trojan-GameThief.Win32.OnLineGames.arut URL: http://www.scootersoftware.com/BComp...tup_080703.exe

    I canceled the download.

  • #2
    I just scanned BCompareDebugSetup_080703.exe and BCompareLinux_080703.deb with Symantec AntiVirus (program version 10.1.4.4000, scan engine version 81.1.0.13, virus definitions 03 Jul 08 rev. 3), and it didn't detect anything.

    I also tried ClamAV (version 0.93.1/7638/Fri Jul 4 07:41:46 2008) and it didn't find anything.
    Last edited by Dave_L; 04-Jul-2008, 09:55 AM.

    Comment


    • #3
      Below is what Kaspersky reports, as seen with both of their 2 most recent virus definition updates. As a check, I downloaded another application from the WEB without any problems. I also rescanned four previous BC3 releases (_080422, _080519, _080606, _080619) and nothing turned up. Each scan took about 20 seconds. It is only attempting to download this BC3 release that instantaneously triggers Kaspersky. I don't find much information posted about this virus. Nothing on Kaspersky's site. In the past, I have found Kaspersky is a step ahead of other virus software, but of course I cannot rule out a false detection here or something related to the site.


      ACCESS DENIED
      The requested URL could not be retrieved
      -------------------------------------------------------------------------
      While trying to retrieve the URL: http://www.scootersoftware.com/BComp...tup_080703.exe

      The folowing error was encountered:

      The requested object is INFECTED. The following viruses Trojan-GameThief.Win32.OnLineGames.arut were found

      Please contact your service provider if you feel this is incorrect.
      --------------------------------------------------------------------------
      Generated Fri Jul 04 07:56:58 2008 by Kaspersky Internet Security 7.0
      Last edited by markf_2748; 04-Jul-2008, 11:28 AM.

      Comment


      • #4
        Passed all scans at http://virusscan.jotti.org/ :
        File: BCompareFullDebugSetup_080703.exe
        Status: OK
        MD5: f3f2d23b6b193353bbfb646ee039c441

        Comment


        • #5
          Downloaded and installed BCompareDebugSetup_080703.exe without incident today. The Kaspersky scan did not find anything (Virus database 7.0.1.321, 7/5/2008 6:34:09 AM).

          MD5: 60f06fffd5bfb74bb0c9d9ec86ac19de

          I downloaded BCompareFullDebugSetup_080703.exe and found the same MD5 as reported by GreenMoose yesterday. I am not aware of anything that has changed at my end other than the newer virus database.

          BC3 461
          Last edited by markf_2748; 05-Jul-2008, 01:54 PM.

          Comment


          • #6
            @Scooter:

            Can you offer a brief insight about what was going on here? I am curious to know for the record whether Kaspersky is a hero (found something that other AVs missed) or just over zealous (false positive that was corrected in subsequent virus database) for this event.

            Thanks.
            Last edited by markf_2748; 08-Jul-2008, 11:05 AM.

            Comment


            • #7
              I'd say it was a false positive. We didn't change the download between the time it failed your scan and then passed.
              Tim T Scooter Software

              Comment

              Working...
              X