Announcement

**Blazkowicz** · 04-28-2010, 08:12 PM

It is a false positive.

**Chameleon** · 04-28-2010, 08:16 PM

Originally posted by kevinrc View Post

I was using 7.0.1.2 until today when I was prompted to update to 7.0.4.0 which I did. As soon as I tried to run it my AV software (ESET Smart Security 4) quarantined the DVDFab.exe file due to infection by Win32/Kryptic.EAB trojan variant. I've tried to download 7.0.4.0 and 7.0.4.5 and they are both flagged as infected. Anyone else able to verify or is my AV being overzealous?

Where did you download the file from, because that variant did not come from the Fab Website.

**Blazkowicz** · 04-28-2010, 08:25 PM

Chameleon, it came from fab website.

**GregiBoy** · 04-28-2010, 08:26 PM

@Chameleon

You are correct. The current beta file name is DVDFab7045Beta.exe

**Blazkowicz** · 04-28-2010, 08:28 PM

GregiBoy, when it is installed, user has DVDFab.exe and that one gets reported as the virus stated above by ESS.

**kevinrc** · 04-28-2010, 08:43 PM

It's definitely a false positive. I disabled real-time file system protection while installing the 7.0.4.0 update and then immediately enabled it after it completed and everything is working just fine and nothing is claiming to be infected. There's also nothing requesting access to the internet so it does appear to be a false positive. Hopefully they'll get it fixed soon.

@Chameleon: I actually downloaded both 7.0.4.0 and 7.0.4.5 from this site and I downloaded 7.0.4.0 from another site and they all reported the same problem.

Thanks all!

**Blazkowicz** · 04-28-2010, 09:47 PM

With virus database 5070 the issue is gone on 7.0.4.5 Beta, haven't tested last final.

**kevinrc** · 04-29-2010, 12:47 AM

Originally posted by Blazkowicz View Post

With virus database 5070 the issue is gone on 7.0.4.5 Beta, haven't tested last final.

Confirmed, Thanks!!

**chris** · 04-29-2010, 02:27 AM

I recall a while back that having check for newer version, ticked off was giving false +ves, disabbling the chrec for updates resolved it. Hope this will help.

**chris** · 04-29-2010, 12:55 PM

Originally posted by chris View Post

I recall a while back that having check for newer version, ticked off was giving false +ves, disabbling the chrec for updates resolved it. Hope this will help.

Sorry, forgot to mention I am using full version of AVG.

**kevinrc** · 04-29-2010, 03:19 PM

Originally posted by chris View Post

I recall a while back that having check for newer version, ticked off was giving false +ves, disabbling the chrec for updates resolved it. Hope this will help.

In this case, I think it was just caused by something in the virus definitions that flagged something in the exes packed in the installer as having an infection. I had an old version of 7.0.1.2 on my machine that I had been using for a while and after the definition update that package was supposedly infected as well.

Announcement

7.0.4.0 & 7.0.4.5 infected with trojan?

7.0.4.0 & 7.0.4.5 infected with trojan?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment