«

[MinigunFiend]

I ditched AVG specifically to use Avast! because AVG was causing Half-Life 2: Episode 2 to crash with 'out of virtual memory' errors.

I checked Valve's help and support section, and apparently AVG assigns itself stupid amounts of virtual memory, even if you disable it.
One uninstall later, and Episode 2 hasn't crashed since.

[gregor]

ugh.... what does it mean if Sophos detects one file suspicious and one file as possible malicious software that intends to download trojans? I mean a few others also found it suspicious file and one even sort of named it: Trojan-Downloader.Win32.Small.BXA

but all major ones did no such thing. Panda sajs suspicious, Avira, AVG, AVAST, MCAFEE, F-PROT, NOD32v2 etc they are all negative. is this programme really a virus? or would it be OK to use it?

[DeathDude]

Might be a false positive, you can also try Trend Micro's Online scan housecall for one more check. I'd personally move the file for the time being till you can tell for sure if the file is really a trojan or if it could just be a false positive, no harm done for moving it.

Do a google search on that trojan too, to see what is being said about the file, it also should give you a better idea on what it is capable of doing, should the file in question actually be that particular trojan.

[gregor]

no problem there... it's on a CD anyway... only i planned to give the CD to someone and i don't want to give a bad thing.

The thing they found different programes describe it as different virus or malware.

the ones that actually do describe it as a possible virus talk about a program that will connect to other porgrammes in web and download malware/trojans... some say the risk is high. others say the risk is possible...

i just find it hard to believe only some programmes on that virustotal.com consider it to be a virus. while most major ones don't find it as a virus.

i did a search on sophos and info i got is that one might be false positive especially for keygen porgames. but the other one there is hardly anything appart form the info on sophos itself.

could it be some home made computer virus that best virus scans don't recognise as a virus?

[DeathDude]

Sounds like that program or file in question could also be considered spyware, with the terms that are used about downloading malware/trojans, sometimes trojans are grouped into the same category now a days, especially with the extent and damage spyware is causing nowadays.

Anyways did you do a google search on the file/program that was identified? Maybe look around the security forums that are out there and see if anything pops up about said file. If a lot of the major virus programs are saying nothing about the file, then it might just be a false positive. I know back in the day sophos was pretty notorious around the security forums for having a lot of false positives, not sure if thats changed, but might still apply in this case, especially if you are not getting a lot of info about the trojan on other security sites.

[gregor]

nope nothing virus like on the file.

like i said the only worry i have is that it's some home made virus thing that is not identified by virus scans. or is identified by some only through heuristics.

however it gave me back nothing. the pathc.exe seems to be only noCD crack while the other programe only points to copied .nfo text in forums and how to install it :-).

these are dictionaries, but they sell all of them in same package at a very high price. however i only need a few so i decided to go torrenting.

i will try some (anti)virus forums to see what they think. but i think this could well be false positive.

just to think i wouldn't even question it at my own computer with Avira, cause it simply wouldn't recognise it as a virus. :/ and japofran said they have a good recognision. plus i think that if oyu block the programe with firewall form accessing the firewall, how can it download anything malicious?:eek:

[Japo]

Quote:

Originally Posted by gregor

plus i think that if oyu block the programe with firewall form accessing the firewall, how can it download anything malicious?:eek:

True if what the virus tries to do is access the web, a firewall with outbound protection should thwart it. That is, provided the virus doesn't manage to leak through the firewall or kill it outright. :eek: And a firewall will only prevent it from accessing the web, not from formatting your hard drive and the like.

It's probably a false positive, but try to be sure.

[Nick]

Me using AVG too. I discovered with horror, that in our LAN are evil users present, so I decided to get some protection.