rolf2

GData Antivirus detects Trojan in version 4.5.8.7035


Hi,

GData Antivirus detects a Trojan in the download file cdbxp_setup_4.5.8.7035.exe.

Do you have some explanation for that?

Best regards

rolf2


Same applies to F-Secure Client Security. I've contacted them and they have analysed the zBOEjRg.dll in their lab and confirmed that it is really malicious:

"Our analysis indicates that the file you submitted is malicious and is already detected as Trojan.Generic.23046655 in the latest database update."

I'd recommend revoking your update and rebuilding it with clean libraries...


Saying that the file is "malicious" isn't really an analysis. What they are probably complaining about is the advertisement in the installer of CDBurnerXP, and if that is the case they should say so and not come up with this "malware" story.


I don't think I can spend as much time as necessary to deal with a varying selection of 66 AV vendors. I'll check with installCore if these issues can be avoided somehow.

On 10/1/2018 at 5:55 PM, floele said:

I think you need to ask GData.

Hello again,

sorry for the delay, I have now asked GData as promised. It's probably not a Trojan after all. They answered the following:

Quote

 

The submitted files are currently recognized by us as Win32.Application.OpenCandy.O (Engine B).

They have been declared as PUP (potentially unwanted program).

Herewith we send you the instructions for the removal of potentially unwanted programs (PUP).

In contrast to viruses and Trojans, PUP is not classic malware. Nevertheless, these programs can be extremely annoying for the user, as they often push themselves aggressively into the foreground.

Further information about PUP can be found in the G DATA Security Blog - https://www.gdata.de/blog/2013/10/23838-potentiell-unerwunschte-programme-viel-mehr-als-nur-nervig.

 

Best regards
Rolf

8 hours ago, rolf2 said:

Win32.Application.OpenCandy.O (Engine B).

OpenCandy no longer exists anymore. Interesting that they still detect that.

However, you probably see the huge discrepancy between what the AV application communicates and what the actual problem is. Even more so since all PUP are considered equal and it's completely disregarded what kind of applications are installed and how the options are presented (so whether or not the user is being tricked into installing something).
