swampy Posted September 20, 2004 Share Posted September 20, 2004 F-prot is picking up all my WinRAR SFX installers as having a virus, the monitor was going beserk every time I opened a folder with them in. All my unattended stuff is on D: fortunately, I ran a scan on C: & it even deleted default.sfx from my WinRAR install folder. I ran it on D:, report only, this is what would have been deleted:D:\xpcnew\CDROOT\$OEM$\$1\Install\Applications\Ad-Aware_SE_Professional.exe is a dropper for W32/Fyga.A@droD:\xpcnew\CDROOT\$OEM$\$1\Install\Applications\PrismDeploy5.0.exe is a dropper for W32/Fyga.A@droD:\xpcnew\CDROOT\$OEM$\$1\Install\Applications\WinRAR\winrar.exe is a dropper for W32/Fyga.A@droD:\xpcnew\CDROOT\$OEM$\$1\Install\salamand.exe is a dropper for W32/Fyga.A@droD:\xpcnew\CDROOT\I386\SVCPACK\FIX-IT~1.EXE is a dropper for W32/Fyga.A@droD:\xpcnew\CDROOT\I386\SVCPACK\OFFICE1.EXE is a dropper for W32/Fyga.A@droD:\xpcnew\FILESCD\$OEM$\$1\Install\Applications\Ad-Aware_SE_Professional.exe is a dropper for W32/Fyga.A@droD:\xpcnew\FILESCD\$OEM$\$1\Install\Applications\PrismDeploy5.0.exe is a dropper for W32/Fyga.A@droD:\xpcnew\FILESCD\$OEM$\$1\Install\Applications\WinRAR\winrar.exe is a dropper for W32/Fyga.A@droD:\xpcnew\FILESCD\$OEM$\$1\Install\sala.exe is a dropper for W32/Fyga.A@droD:\xpcnew\SVC-EXE\Fix-ItSetup.exe is a dropper for W32/Fyga.A@droD:\xpcnew\SVC-EXE\office1.exe is a dropper for W32/Fyga.A@droThe scanning ended successfully, with infected or suspicious object foundLuckily I had previous defs from 10 days ago, I overwrote the new ones & now all is fine. Just checked with a mate, he's been getting heaps of false positives, too. Link to comment Share on other sites More sharing options...
DisabledTrucker Posted September 20, 2004 Share Posted September 20, 2004 could be your virus scanner, what are you using? Link to comment Share on other sites More sharing options...
Jito463 Posted September 20, 2004 Share Posted September 20, 2004 could be your virus scanner, what are you using?F-prot is picking up all my WinRAR SFX installers as having a virus Link to comment Share on other sites More sharing options...
mazin Posted September 20, 2004 Share Posted September 20, 2004 the monitor was going ...I don't have this problem with F-Prot for DOS! Link to comment Share on other sites More sharing options...
swampy Posted September 20, 2004 Author Share Posted September 20, 2004 Reply from Eugene Roshal (WinRAR):Hello,Thank you for information. Yes, it happens time to time. WinRAR SFXmodules are compressed by UPX tool, some viruses are also compressedby UPX and sometimes antivirus developers errorneously add UPX signatureto virus list.Eugene Link to comment Share on other sites More sharing options...
McoreD Posted September 20, 2004 Share Posted September 20, 2004 Sometimes antivirus developers errorneously add UPX signatureto virus list.So that means it shouldn't be added, should it? Hopefully F-Prot will fix it in their next version. Link to comment Share on other sites More sharing options...
Dessip Posted September 21, 2004 Share Posted September 21, 2004 You could always try running a online virus scan, i know that panda inline virus scan was a good online scanner. Then if they pop up wit it, try another scanner if that pops up with it then u probbally have had a virus thatwrite itself to other files. Link to comment Share on other sites More sharing options...
swampy Posted September 21, 2004 Author Share Posted September 21, 2004 New defs out- all fixed. I just didn't want anyone to lose there hard work. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now