rolf2

GData Antivirus detects Trojan in version 4.5.8.7035

Same applies to F-Secure Client Security. I've contacted them and they have analysed the zBOEjRg.dll in their lab and confirmed that it is really malicious:

"Our analysis indicates that the file you submitted is malicious and is already detected as Trojan.Generic.23046655 in the latest database update."

I'd recommend revoking your update and rebuilding it with clean libraries...


Saying that the file is "malicious" isn't really an analysis. What they are probably complaining about is the advertisement in the installer of CDBurnerXP, and if that is the case they should say so and not come up with this "malware" story.


I don't think I can spend as much time as necessary to deal with a varying selection of 66 AV vendors. I'll check with installCore if these issues can be avoided somehow.

On 10/1/2018 at 5:55 PM, floele said:

I think you need to ask GData.

Hello again,

sorry for the delay, I have now asked GData as promised. It's probably not a Trojan after all. They answered the following:

Quote

 

The submitted files are currently recognized by us as Win32.Application.OpenCandy.O (Engine B).

They have been declared as PUP (potentially unwanted program).

Herewith we send you the instructions for the removal of potentially unwanted programs (PUP).

In contrast to viruses and Trojans, PUP is not classic malware. Nevertheless, these programs can be extremely annoying for the user, as they often push themselves aggressively into the foreground.

Further information about PUP can be found in the G DATA Security Blog - https://www.gdata.de/blog/2013/10/23838-potentiell-unerwunschte-programme-viel-mehr-als-nur-nervig.

 

Best regards
Rolf

8 hours ago, rolf2 said:

Win32.Application.OpenCandy.O (Engine B).

OpenCandy no longer exists anymore. Interesting that they still detect that.

However, you probably see the huge discrepancy between what the AV application communicates and what the actual problem is. Even more so since all PUP are considered equal and it's completely disregarded what kind of applications are installed and how the options are presented (so whether or not the user is being tricked into installing something).
