UBCD4Win Forums: keyfinder.exe delete by Trendmicro AV - UBCD4Win Forums

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

keyfinder.exe delete by Trendmicro AV

#1 User is offline   [email protected] Icon

  • Newbie
  • Pip
    • Group: Members
    • Posts: 1
    • Joined: 30-November 07

    Posted 30 November 2007 - 05:57 AM

    Hello,
    OK i found the posting in the other Subforum http://www.ubcd4win.com/...;hl=keyfinderpe
    For info on false positives have a look at: http://www.ubcd4win.com/faq.htm#false
    with kind regards

    Hello UBCD4Win Team,

    by installing the Software Ultimate Boot CD for Windows Version 3.10 Released: 11/25/07 my AV Scanner detect the keyfinder.exe as Virus and delete it.

    Platform: WinXP 5.1.2600
    Virus name: CRCK_JBEAN.A
    Infection sources:
    Infected file: is-JKP8K.tmp
    Path of file: D:\UBCD4Win\plugin\System-Info\Information\keyfinderpe\
    Scan type: Real-time Scan
    Scan result: OfficeScan deleted the file.

    HashCheck.txt
    plugin\System-Info\Information\keyfinderpe\keyfinder.exe, 042F13CB1818A8B9FE026A250C4EEF93 has been removed.

    with kind regards
    RMvP

    This post has been edited by [email protected]: 30 November 2007 - 06:56 AM

    0

    #2 User is offline   LittlBUGer Icon

    • Main Mirror/Here Since Beginning
    • PipPipPipPipPipPipPip
      • Group: Members
      • Posts: 4,698
      • Joined: 27-May 04
      • Location:MT, USA
      • Interests:Computers and stuff...<br /><br />:-)

      Post icon  Posted 30 November 2007 - 10:20 AM

      Ummm, I'm confused. You wrote a post about how you found a 'virus' and are having issues, but then you also stated the FAQ and whatnot where we explain it's a false positive... So, do you need help, or are you just stating the obvious? :)



      "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former." - Albert Einstein
      "Computers are really strange - first everything works fine, then something goes terribly wrong and nothing works, and then - like a thunderbolt from a clear sky, everything is back to normal again. It's like nothing ever happened. Like the computer were female." - Unknown
      "Some people say that I must be a terrible person, but it's not true. I have the heart of a young boy. In a jar on my desk." - Stephen King
      "If there is anything the nonconformist hates worse than a conformist, it's another nonconformist who doesn't conform to the prevailing standard of nonconformity." - Bill Vaughan
      "Microsoft Windows [n.]: A thirty-two bit extension and GUI shell to a sixteen bit patch to an eight bit operating system originally coded for a four bit microprocessor and sold by a two-bit company that can't stand one bit of competition." - Unknown
      "When a newly married couple smiles, everyone knows why. When a ten-year married couple smiles, everyone wonders why." - Unknown
      0

      #3 User is offline   rdsok Icon

      • rdsok
      • PipPipPipPipPipPipPipPip
        • Group: Admin
        • Posts: 6,037
        • Joined: 02-October 05
        • Gender:Male
        • Location:Norman, Ok. USA

        Posted 30 November 2007 - 11:52 AM

        As usual, this is a false positive being made by your antivirus program. This often happens with many antivirus programs and the main cause is from the fact that the malware authors are also using the very same compilers and file libraries of code that normal programs use so when a new malware detection is added to the antivirus definition files... it can have enough common code with normal programs that the normal program gets misdetected as a malware threat.

        There is little that we can do about these detections except try and educate the users a bit and provide a bit of info to help support our statements.

        I'll start by using a third party confirmation for what we state that UBCD4Win has been tested by Softpedia and was awarded a 100% Clean Award as can be verified on their website here http://www.softpedia...lean-76994.html

        Since each time this happens its with a different program or detected as different threats we've can only address them in general. So we also got some info about these in the FAQ's here http://www.ubcd4win.com/faq.htm#false

        Before you do anything else... update your antivirus or other protection program and test the file again. Most of the companies will update their definitions often and may have already corrected the issue... so always test with the latest updates before you do anything else.

        We can also tell you how to double check all of the above by doing additional testing. Before you even run anything in the project... disable your On Access scanner for your protection program and then test the file or files in question at either http://virusscan.jotti.org/ or at http://www.virustotal.com . If you don't disable your protection you won't be able to upload the file because your protection software will block access to it.

        Once you have tested and proven to yourself that it truely is a false positive... report the detection to your antivirus program's company so they can correct the issue. Don't get mad at them and switch for this type of reason alone... you would only switch one set of false detections for another that another program would have... so work with the company directly to get the issue resolved and you will help all users of the antivirus program.

        If they want you to email them a copy of the file being detected... remember to archive the file ( arc, cab, tar, zip etc ) using a password and then send the archive file, tell them the password and tell them what it is being reported as along with any other info they may request.
        Plan A is always more effective when the device you are working on understands that Plan B involves either a large hammer or screwdriver....
        0

        Page 1 of 1
        • You cannot start a new topic
        • You cannot reply to this topic

        1 User(s) are reading this topic
        0 members, 1 guests, 0 anonymous users