Author: BigFelix, Location: San Diego, Posted: Sun Apr 13, 2008 10:25 am, Post subject: Online Armor Download Came With Trojan Horse
Earlier today, my daily AVG scan found two threats--both SHeur.BEKO and both infecting OA's oaui.exe. Healing left the firewall disabled. I downloaded anew, and during the installation AVG found the same Trojan Horse infecting the program. I'm now using Comodo.
Author: lordpake, Location: Helsinki ~ European Union, Posted: Sun Apr 13, 2008 11:00 am
That sounds to me like a heuristic false positive. Did you report this to Grisoft?
Author: BigFelix, Location: San Diego, Posted: Sun Apr 13, 2008 11:14 am
No. Why today, not yesterday? I had my doubts but don't want to take any chances.
Author: lordpake, Location: Helsinki ~ European Union, Posted: Sun Apr 13, 2008 12:33 pm
BigFelix wrote:
No. Why today, not yesterday? I had my doubts but don't want to take any chances.
Obviously there has been a change in definitions that caused this false positive.
Online Armor is trusted, reputable software. And this has all the hallmarks of a false positive. It happens to every AV vendor every now and then.
If you have doubts (and in this case you really should have!), submit the detected file to VirusTotal and to Grisoft (especially to the latter).
Never have blind faith in your AV; they can make mistakes, especially when it comes to other security software, as they may employ self-defence and other methods to protect themselves/detect malware.
Author: BigFelix, Location: San Diego, Posted: Sun Apr 13, 2008 2:52 pm
I ran "scared" because I'm in the midst of Trend Micro HijackThis testing to cure me of existing problems. But I accept your advice and will contact Grisoft.