| Thread ID: 74854 | 2006-12-07 20:29:00 | pcworld.com download program has a trojan | netchicken (4843) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 504918 | 2006-12-07 20:29:00 | I can't warn people on the .com site, so maybe here it will get through. I tried to download a program to give my computer Vista start menu Vista start menu 2.02 freeware www.pcworld.com which has been downloaded 4300 times. Yet AVG brings up a warning that it has the PSW.Lineage trojan. Gee you think they would have checked it first :) | netchicken (4843) | ||
| 504919 | 2006-12-07 20:57:00 | My NOD32 finds nothing. :eek: | CYaBro (73) | ||
| 504920 | 2006-12-07 21:10:00 | False positive maybe? | Erayd (23) | ||
| 504921 | 2006-12-07 21:17:00 | Good point ... the AVG is totally new - installed yesterday with new updates. I guess you take your chances with it :) Real or false :) | netchicken (4843) | ||
| 504922 | 2006-12-07 21:19:00 | Most likely to be a false positive. The vendor's website looks reasonably legit and carries with it this info in the FAQ: My firewall informs me about a suspicious activity. The program uses a system of hooks for integration with the "Start" menu. A hook is a special library named VistaStartMenu.dll. It detects when the user moves the mouse pointer to the "start" button in order to replace the standard menu with its own one. Some firewalls detect adding new hooks because they can be used for spying and inform you about it. Vista Start Menu neither spies on the user nor sends any data via the Internet if it is downloaded from the developers' official site. We are not responsible for software obtained from other sources. www.vistastartmenu.com | Scott Bartley (836) | ||
| 504923 | 2006-12-07 21:27:00 | What virus database is your AVG running? 759 (today) doesn't find anything. If you want to double check a file you can upload it to http://virusscan.jotti.org/ None of the antivirus software there found anything either, but the site did have the following comment: "Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however." AFAIK runtime packers are commonly used now as a means of stopping people reverse engineering software. | PaulD (232) | ||