Jump to content
You must now use your email address to sign in [click for more info] ×

1.5.0.6 flagged as including Trojan files?


Recommended Posts

Have just installed the latest beta.  Installation was rather slower than previous versions, especially for the M$ NET requirement but seemed to go without hitch.

 

Following a reboot, the new version opened and, although I have not seriously tested it yet, seems to perform without difficulty.

 

However, when I just now returned to my computer I was confronted with a security message from my AV, Bullguard Internet Security, with a message that a series of files, apparently installed at the time of the upgrade are Trojans and they have been quarantined!  I assume these files actually came from the NET Framework installation since they were all located in

C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.Routing\ 

or

C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio53a7a42c#\ 

or

C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\

 

Obviously (I hope) there are additional file names at the end of each string above, 4 for the first location, 2 for the second and 8 for the third.  All are described by Bullguard as "Trojan.Generic".

 

I can retrieve these files from quarantine but have not done so yet since AD still seems to run without problem, but I would welcome a developer's/moderator's input on this. 

 

Thoughts/advice, please!  Thank you.

 

Jeff

Win 10 Pro, i7 6700K, 32Gb RAM, NVidia GTX1660 Ti and Intel HD530 Graphics

Long-time user of Serif products, chiefly PagePlus and PhotoPlus, but also WebPlus, CraftArtistProfessional and DrawPlus.  Delighted to be using Affinity Designer, Photo, and now Publisher, version 1 and now version 2.

iPad Pro (12.9") (iOS 18.0.1) running Affinity Photo and Designer version 1 and all three version 2 apps.

Link to comment
Share on other sites

Hi, this is the first report we've heard of, and as you say, those files appear to be from the .NET installer (we certainly don't install anything there). It might be worth contacting the makers of Bullguard Internet to see what they have got to say.

Link to comment
Share on other sites

You can uploader the data even at VirusTotal If there more than your AV show something I would be worried. If only your AV strike, it's probably a false message. I would file send to your AV Manufacturer times.

VirusTotal - Free Online Virus, Malware and URL Scanner

 

Rig:Board: GigaByte Z97X-Gaming 3 ,CPU: Intel Core i7-4790K CPU @ 4.00GHz, GPU: GeForce GTX 970, RAM: 16 GB / 2 x Crucial BLS8G3D1609DS1S00 8GB DIMM DDR3 PC3-12800U DDR3-1600 (9-9-9-24 5-39-12-6), Display: ACI VS248 24" 1920x1080, 60Hz, OS:Microsoft Windows 10 Pro x64, Main HDD: ADATA SP900 (256GB, SATA600, SSD), driver always up to date. :)

Link to comment
Share on other sites

Thank you Mark and Max.

 

I am in contact with Bullguard support and await their response.

 

Jeff

Win 10 Pro, i7 6700K, 32Gb RAM, NVidia GTX1660 Ti and Intel HD530 Graphics

Long-time user of Serif products, chiefly PagePlus and PhotoPlus, but also WebPlus, CraftArtistProfessional and DrawPlus.  Delighted to be using Affinity Designer, Photo, and now Publisher, version 1 and now version 2.

iPad Pro (12.9") (iOS 18.0.1) running Affinity Photo and Designer version 1 and all three version 2 apps.

Link to comment
Share on other sites

For anyone else finding this thread: Bullguard Support agree all the affected files are "false positives" and have updated their AV definitions accordingly.

Win 10 Pro, i7 6700K, 32Gb RAM, NVidia GTX1660 Ti and Intel HD530 Graphics

Long-time user of Serif products, chiefly PagePlus and PhotoPlus, but also WebPlus, CraftArtistProfessional and DrawPlus.  Delighted to be using Affinity Designer, Photo, and now Publisher, version 1 and now version 2.

iPad Pro (12.9") (iOS 18.0.1) running Affinity Photo and Designer version 1 and all three version 2 apps.

Link to comment
Share on other sites

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.