Antivirus: F-Secure Client Security 9
Screenshot:
Trojan found in 5.2 uninstaller.exe
Trojan: http://www.f-secure.com/v-descs/trojan-downloader_w32_heurfu_gen.shtml
Antivirus: F-Secure Client Security 9
Screenshot:
Antivirus: F-Secure Client Security 9
Screenshot:
Screenshot link: http://imgur.com/a/u10P4
-
- Site Admin
- Posts: 7279
- Joined: 9 Dec 2007
Virus scanners ocassionally show false positives, especially with their
heuristics algorithms.
Therefore always double check with other scanners to get a clear picture, e.g.
https://www.virustotal.com
Report on current FFS v5.2:
https://www.virustotal.com/file/a9315ac89ede77b6e1a0166adfebfbc61fd1cf12640870a0fc90b1269babaa19/analysis/
heuristics algorithms.
Therefore always double check with other scanners to get a clear picture, e.g.
https://www.virustotal.com
Report on current FFS v5.2:
https://www.virustotal.com/file/a9315ac89ede77b6e1a0166adfebfbc61fd1cf12640870a0fc90b1269babaa19/analysis/
-
- Site Admin
- Posts: 7279
- Joined: 9 Dec 2007
Found what triggered the false positive:
[404, Invalid URL: https://sourceforge.net/tracker/index.php?func=detail&aid=3515653&group_id=234430&atid=1093080]
[404, Invalid URL: https://sourceforge.net/tracker/index.php?func=detail&aid=3515653&group_id=234430&atid=1093080]
- Posts: 1
- Joined: 26 Mar 2010
I too just had the same issue - same Trojan file found --
Gen:Trojan.Heur.FU.gy3@a4Z0j0bi
I just recently started using FreeFileSync v5.2.0.0 yesterday and my AV
program just popped up a few minutes ago
for the first time saying it found and disinfected the uninstall.exe file.
Then it deleted it.
If this truely is a mistake, I will tell my AV program's support team about it
and give them the info as stated here.
If this is a glitch in the program... Please, report it to the developer and
fix it.
Thank you.
Gen:Trojan.Heur.FU.gy3@a4Z0j0bi
I just recently started using FreeFileSync v5.2.0.0 yesterday and my AV
program just popped up a few minutes ago
for the first time saying it found and disinfected the uninstall.exe file.
Then it deleted it.
If this truely is a mistake, I will tell my AV program's support team about it
and give them the info as stated here.
If this is a glitch in the program... Please, report it to the developer and
fix it.
Thank you.
-
- Site Admin
- Posts: 7279
- Joined: 9 Dec 2007
> If this truely is a mistake, I will tell my AV program's support team
Thanks. The only difference is usage of NSIS command "VIAddVersionKey"
Here the analyis *with* version info:
https://www.virustotal.com/file/b4bc97f72c446980232b67ab447fa2c5e9ffc632733131c6600cf49d6e85934b/analysis/
Here without version info
https://www.virustotal.com/file/7200574839e227530a6ac97594fcec5e4f0819a69656b663697c5d6e93a5decd/analysis/1335348775/
No false detection anymore.
Thanks. The only difference is usage of NSIS command "VIAddVersionKey"
Here the analyis *with* version info:
https://www.virustotal.com/file/b4bc97f72c446980232b67ab447fa2c5e9ffc632733131c6600cf49d6e85934b/analysis/
Here without version info
https://www.virustotal.com/file/7200574839e227530a6ac97594fcec5e4f0819a69656b663697c5d6e93a5decd/analysis/1335348775/
No false detection anymore.
