Announcement

Collapse
No announcement yet.

7.0.4.0 & 7.0.4.5 infected with trojan?

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    7.0.4.0 & 7.0.4.5 infected with trojan?

    I was using 7.0.1.2 until today when I was prompted to update to 7.0.4.0 which I did. As soon as I tried to run it my AV software (ESET Smart Security 4) quarantined the DVDFab.exe file due to infection by Win32/Kryptic.EAB trojan variant. I've tried to download 7.0.4.0 and 7.0.4.5 and they are both flagged as infected. Anyone else able to verify or is my AV being overzealous?

    #2
    It is a false positive.
    人生は贈り物であり、完全な喜びを経験する必要があります
    Life is a gift and should be experienced in full joy

    Comment


      #3
      Originally posted by kevinrc View Post
      I was using 7.0.1.2 until today when I was prompted to update to 7.0.4.0 which I did. As soon as I tried to run it my AV software (ESET Smart Security 4) quarantined the DVDFab.exe file due to infection by Win32/Kryptic.EAB trojan variant. I've tried to download 7.0.4.0 and 7.0.4.5 and they are both flagged as infected. Anyone else able to verify or is my AV being overzealous?
      Where did you download the file from, because that variant did not come from the Fab Website.
      Programmer in Python, Java, JavaScript, Swift, PHP, SQL, C#, C++, Go, R

      Comment


        #4
        Chameleon, it came from fab website.
        人生は贈り物であり、完全な喜びを経験する必要があります
        Life is a gift and should be experienced in full joy

        Comment


          #5
          @Chameleon

          You are correct. The current beta file name is DVDFab7045Beta.exe
          "Beer is living proof that God loves us and wants us to be happy." - Benjamin Franklin 1706-1790

          Comment


            #6
            GregiBoy, when it is installed, user has DVDFab.exe and that one gets reported as the virus stated above by ESS.
            人生は贈り物であり、完全な喜びを経験する必要があります
            Life is a gift and should be experienced in full joy

            Comment


              #7
              It's definitely a false positive. I disabled real-time file system protection while installing the 7.0.4.0 update and then immediately enabled it after it completed and everything is working just fine and nothing is claiming to be infected. There's also nothing requesting access to the internet so it does appear to be a false positive. Hopefully they'll get it fixed soon.

              @Chameleon: I actually downloaded both 7.0.4.0 and 7.0.4.5 from this site and I downloaded 7.0.4.0 from another site and they all reported the same problem.

              Thanks all!

              Comment


                #8
                With virus database 5070 the issue is gone on 7.0.4.5 Beta, haven't tested last final.
                人生は贈り物であり、完全な喜びを経験する必要があります
                Life is a gift and should be experienced in full joy

                Comment


                  #9
                  Originally posted by Blazkowicz View Post
                  With virus database 5070 the issue is gone on 7.0.4.5 Beta, haven't tested last final.
                  Confirmed, Thanks!!

                  Comment


                    #10
                    I recall a while back that having check for newer version, ticked off was giving false +ves, disabbling the chrec for updates resolved it. Hope this will help.
                    Chris

                    Comment


                      #11
                      Originally posted by chris View Post
                      I recall a while back that having check for newer version, ticked off was giving false +ves, disabbling the chrec for updates resolved it. Hope this will help.
                      Sorry, forgot to mention I am using full version of AVG.
                      Chris

                      Comment


                        #12
                        Originally posted by chris View Post
                        I recall a while back that having check for newer version, ticked off was giving false +ves, disabbling the chrec for updates resolved it. Hope this will help.
                        In this case, I think it was just caused by something in the virus definitions that flagged something in the exes packed in the installer as having an infection. I had an old version of 7.0.1.2 on my machine that I had been using for a while and after the definition update that package was supposedly infected as well.

                        Comment

                        Working...
                        X