Igor.exe Home Of A Trojan?
Posted Oct 12 2017 - 09:22 AM
New installation of GPL from scratch using the GPLworld installer. KAV moved iGOR.exe to quarantine because of Trojan.Win32.Snojan.bsbm. I doubt KAV is right. Any ideas?
Posted Oct 12 2017 - 09:26 AM
Posted Oct 12 2017 - 09:39 AM
It' not easy to persuade KAV to leave iGOR.exe alone because it deletes or moves it to quarantine in seconds. You have to shut down KAV before.
Edited by Alter, Oct 12 2017 - 10:09 AM.
Posted Oct 12 2017 - 12:31 PM
Posted Oct 12 2017 - 01:41 PM
Posted Oct 12 2017 - 01:55 PM
The same has happened to me with KAV.... but it deleted the two files (iGOR.exe and GEM 2.exe). Now Itry to play GPL again and if I have problems I'll reinstall the GEM complete. There is no alternative.
Thanks to Danny in any case. I supposed it could be a false positive and now Ihave it confirmed.
Posted Oct 15 2017 - 02:58 AM
In my case KAV didn't really delete the file. Maybe you find them in the quarantine directory to put them back to where they belong.
Posted Oct 15 2017 - 01:44 PM
I have added it to exceptions.
Edited by Stefan Roess, Oct 15 2017 - 01:45 PM.
Posted Oct 15 2017 - 02:13 PM
It's always a good idea to keep a backup of your GPL installation so you can restore individual files which may get corrupted or deleted for various reasons.
I used to work for McAfee as a software QA test engineer, testing the VirusScan anti-virus engine, and doing false alarm testing on new AV driver sets. It was fairly common for new anti-virus drivers to false alarm on older files. When you need to write a completely new class of anti-virus driver to cope with a new breed of malware (eg when network-infecting 'worms' appeared) it's easy to forget about the safeguards which prevent your AV from triggering on older files. That's where my testing came in. If a driver set false-alarmed on my test rig, it got passed back to the researchers with the details of the failure, and a smiley message saying "Try again guys!".
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users