Henk Kelder Posted June 2, 2015 Share Posted June 2, 2015 I installed latest version of DVDViewer pro. That is Beta 5.4.1. Symantec Endpoint Protection detects VODSource.AX as a virus. Quote Link to comment
Tjod Posted June 2, 2015 Share Posted June 2, 2015 I would assume that this is a false alert. So you should report this as false alert to Symantec. Quote Link to comment
Henk Kelder Posted June 5, 2015 Author Share Posted June 5, 2015 I would assume that this is a false alert. So you should report this as false alert to Symantec. 'Assuming' and 'knowing' are two different things. Based on what should I 'Assume' Symantec is wrong? Quote Link to comment
HaraldL Posted June 5, 2015 Share Posted June 5, 2015 Based on what should I 'Assume' Symantec is wrong? https://isc.sans.edu/forums/diary/Symantec+FalsePositive+on+Filezilla+NASA+World+Wind/3150 https://isc.sans.edu/forums/diary/Symantec+FalsePositive+Issue+with+XLS+Files+BloodhoundExploit459/13162/ https://www.cygwin.com/ml/cygwin/2014-05/msg00468.html http://www-01.ibm.com/support/docview.wss?uid=swg21903684 http://www.computerworld.com/article/2545309/security0/symantec-false-positive-cripples-thousands-of-chinese-pcs.html Only a few I found with google. Not only a Symantec problem, happens with other snake oil products too that use heuristic to "assume" something is dangerous. Quote Link to comment
Tjod Posted June 5, 2015 Share Posted June 5, 2015 I assume you got the setup from the members section and I assume you don't have a virus on you system that is infecting files. And as HaraldL pointed out False-Positive are appearing consistently. Only if a anti-virus software removes parts from it selves or from windows it will hit the press for sure. Quote Link to comment
Hansrh Posted June 7, 2015 Share Posted June 7, 2015 I tested the file @ Virustotal and the result showed that 4 virusscanners out of 57 reported the file as infected but had identified different infections. All other virusscanners - 53 out of 57 - found no threat. Attached a copy of Virustotal result. VODSource.ax - VirusTotal.pdf Quote Link to comment
Tjod Posted June 7, 2015 Share Posted June 7, 2015 Why posting a .pdf instead of a link to the results? https://www.virustotal.com/de/file/8425556fb097ed86b00afcfd0d0ca5729f2b69188b1bfca2891c6e2a4e68a152/analysis/ 1 Quote Link to comment
Hansrh Posted June 7, 2015 Share Posted June 7, 2015 Guess I never thought about it Tjod Quote Link to comment
serkanguzel Posted June 8, 2015 Share Posted June 8, 2015 I tested the file @ Virustotal and the result showed that 4 virusscanners out of 57 reported the file as infected but had identified different infections. All other virusscanners - 53 out of 57 - found no threat. Attached a copy of Virustotal result. VODSource.ax - VirusTotal.pdf Congratulations ! I also output the same results in the searching. The same virus scanning programs ... According to me; The program contains the virus. I uninstalled the 5.4.1 version. I did a thorough cleaning on the PC. Put trojan programs, it has shaken confidence in the DVBViewer program. DVBViewer authors are played in the sand. Shame shame !... Quote Link to comment
hackbart Posted June 8, 2015 Share Posted June 8, 2015 Sorry but this is saçmalık/humbug. If there is a trojan it would be in every binary from us. The reason for these false alarms is that the file is: a ) quite small with its 150kb b ) has the ability to load network streams from the internet. To be honest even the SVP from Norton complained that the Antivirus tools are in its current state obsolete. Most of them try define theirselfs by detecting more than their competitors and so they increase their false alarms ratio. I don't want to search older posts from years ago, but you can easily find them here in the forum. The most heuristic engines seem to check for virulent files by using something like: if (filesize < 200kb) and (file uses WinSock or Wininet) and (it is not white listed) then file is a virus. if (file is a virus) and (file is compressed) then it is definitively a virus. What i can say is that if you use a legal copy provided by us and not one of those middle east assembled builds you can be sure that there is no virus. If you are unsure send the file to virustotal or your av provider. Quote Link to comment
serkanguzel Posted June 8, 2015 Share Posted June 8, 2015 I'm using original and licensed. I applied the method @Hansrh. Your wrote are still not enough for me. I hope; The end of the work does not result in "saçmalık/nonsense/unsinn" Therefore, I installed windos10 now. For now, I will follow events. Internet to believe what they see. There are many rogue use the same nicknames. What you see you, sometimes it is not as it seems. That dogs, I'm looking for. One lives in Egypt. Your president has accepted, Putschist general's country so... They stole secretly files to my friend from PC. You are; "right - wrong" is recognize choose waste... No problem. My friend, buying back the license. So we do not beg, do not say cancel the license. You do not know how old you are. But I'm 54 years old. Regards. Quote Link to comment
hackbart Posted June 8, 2015 Share Posted June 8, 2015 Mr. Guzel i have absolutely no idea what you want to say with your last post. All i can say is that we develop and sell a software which does not contain any kind of malicious parts. Why should we shoot ourselves in the foot with something like this? What i can say for sure is that we can not speak for those binaries provided in several forums hosted by people of a very special "cultural environment". Christian Quote Link to comment
Host Posted June 8, 2015 Share Posted June 8, 2015 i translated your english post into turkish, and i suppose i understood what you wrote. Your account has been hacked by an egypt? This does not fit into this topic, unless it means that you use now one of these copies mentioned by Christian. Quote Link to comment
serkanguzel Posted June 8, 2015 Share Posted June 8, 2015 Yes, Egyptians... We do not know the account hacking. We do not know yet. But we know precisely that; Files have been transferred from the PC. So, we had to pass the "windows 10" early. I want to say again ! They are an organized gang. They are in many forums, entering all kinds of disguises. I would recommend everyone to be careful. Regards. Quote Link to comment
PoloZ7 Posted July 18, 2015 Share Posted July 18, 2015 (edited) Respected, Christian! and is responsible for what this filter? simply and without it all works fine. Edited July 18, 2015 by PoloZ7 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.