topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Friday March 29, 2024, 9:58 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: A virus according to Kaspersky  (Read 7570 times)

ummo

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2
    • View Profile
    • Donate to Member
A virus according to Kaspersky
« on: March 04, 2009, 10:25 AM »
Have long used "Clipboard Help+Spell" without the slightest problem. Yesterday, the version of Kaspersky Internet Security 7.0.0.125, updated with its latest database, I found this program as a virus:

http://img14.imageshack.us/img14/9731/virus1d.jpg
A virus according to Kaspersky
http://img299.imageshack.us/img299/9751/virus2.jpg
A virus according to Kaspersky


I wonder how can I see this a virus the likes of Kaspersky, if someone else has happened and if anyone has contacted them to find out what happened.

Thanks

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: A virus according to Kaspersky
« Reply #1 on: March 04, 2009, 10:34 AM »
Probably another false positive, even more considering that Bagle is a worm that uses e-mail to propagate itself.

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: A virus according to Kaspersky
« Reply #2 on: March 04, 2009, 10:45 AM »
Im getting so d*mn frustrated by these ridiculous antivirus false alarms by lazy companies like Kaspersky.. I can't tell you how angry i am at these companies.

You are right to be cautious and to ask about it -- but it is a false alarm, there is no virus in the program.  The best way to double check such things is to check the file in question with a site like VirusTotal: http://www.virustotal.com/

Such sites use multiple engines to reduce the risk of false positives.

Never trust an antivirus tool that tells you it thinks it has identified some unknown or suspicious file using some "advanced heuristic" mode -- thats just their way of saying "we want to win the award for most viruses detected and we dont care how many false alarms we generate"

In a day or so, like ALWAYS, kaspersky will fix their database and the warning will go away, but not after scaring thousands of people.  And then they will do it again in a month or so.

I've contacted them about it -- you could help out by sending the program to them through kaspersky to help them correct their database, step by step instructions here: http://forum.kaspers....php?showtopic=13881

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: A virus according to Kaspersky
« Reply #3 on: March 04, 2009, 10:52 AM »
here's virustotal on latest Clipboard Help+Spell:

Screenshot - 3_4_2009 , 10_50_43 AM.pngA virus according to Kaspersky

(note that even kaspersky here says its fine -- maybe you have some optional heuristic options engaged? don't trust them)
(and note the total bullshit "paranoid heuristic" and "generic" warnings which are basically god's way of telling you not to trust these antivirus tools)

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: A virus according to Kaspersky
« Reply #4 on: March 04, 2009, 10:56 AM »
one last thing i wanted to point out:

as angry as i get when i hear about one of these false positives -- i really do appreciate people like ummo taking the time to post about them after encountering them -- because it means i can contact the antivirus company and minimize the damage, as well as post a reply so people can see there is no virus.  that is much better than no one saying anything and having people get scared and come to the forum and not see any announcement about the problem.  so thank you ummo.  :up:

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: A virus according to Kaspersky
« Reply #5 on: March 04, 2009, 10:59 AM »
By the way, CHS was updated recently, and if kaspersky is alerting on an old verion, you might want to grab new version and see if the problem goes away until they fix their database.

ummo

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2
    • View Profile
    • Donate to Member
Re: A virus according to Kaspersky
« Reply #6 on: March 04, 2009, 01:24 PM »
one last thing i wanted to point out:

as angry as i get when i hear about one of these false positives -- i really do appreciate people like ummo taking the time to post about them after encountering them -- because it means i can contact the antivirus company and minimize the damage, as well as post a reply so people can see there is no virus.  that is much better than no one saying anything and having people get scared and come to the forum and not see any announcement about the problem.  so thank you ummo.  :up:
I do not deserve thanks, it's the least we can do in gratitude for enjoying a very useful program.

I already thought it was a false positive, so that my idea was to inform all of this false positive. I did not see anyone referring to, so consider it necessary to talk about it to others they know to whom they can pass the same.

Interestingly, at this very moment I have re-analyze the file (version 1.19.02, which I downloaded the new version to upgrade) and now tells me that is not infected. It is curious that in a few hours of passing a virus to be completely clean.

The heuristic analysis is as default, enabled the analysis of the mail and the Internet, but not for files.

In order that you have to thank me for your time and your work.

Sorry if there are grammatical errors, but these do not speak English and translators are not very accurate  ;)