Results 1 to 16 of 16
  1. #1
    Member ShadowCat66's Avatar
    Join Date
    Aug 2001
    Location
    Oshkosh,WI
    Posts
    745

    Avast is saying One Click exe is a trogen

    This is the message I get from Avast Antivirus when I run the EXE file.I downloaded the latest from the sticky first also.


    OC-FAH-SSE-V2/.exe is infected with Win32:Trogen-gen {VC}


    Hmmm,any clues here,just a bug in Avast??
    <<< Avatar by Uber~PhLuBB, Thanks!
    Mod by shocker

    F@H team 32 Member

  2. #2
    Unoriginal Macho Moderator nikhsub1's Avatar
    Join Date
    Oct 2001
    Location
    Los Angeles
    Posts
    9,678

    Re: Avast is saying One Click exe is a trogen

    Originally posted by ShadowCat66
    This is the message I get from Avast Antivirus when I run the EXE file.I downloaded the latest from the sticky first also.


    OC-FAH-SSE-V2/.exe is infected with Win32:Trogen-gen {VC}


    Hmmm,any clues here,just a bug in Avast??
    Probably... I mean it is a strange exectutable that installs as a service and uses LOTS of CPU powah Rest assured there is no virus in it.
    Loading Signature ...

  3. #3
    Senior Kitty Power! Wedo's Avatar
    Join Date
    Oct 2001
    Location
    Lost Angeles
    Posts
    2,652
    Sweet mother.... I'm sure the footprint of the Core and FAH is throwing off the AV as there are four files in each One-Click:

    1. FAH4Console.exe
    2. Service-Setup.bat (batch file that registers and starts service)
    3. Client.cfg
    4. srvany.exe (a Microsoft program that EVERY service install uses)

    No virus, just folding.

    Wedo
    ~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~[/size]

  4. #4
    Member matrixzen's Avatar
    Join Date
    Jun 2003
    Location
    CA
    Posts
    1,121
    It's possible that the F@H zip might have gotten infected. If the AV software starts asking you to act, try the repair function. If it can't repair it, chances are it's not infected and it's just the virus software misdetecting it.
    Team 32 Contributor.

  5. #5
    Senior Kitty Power! Wedo's Avatar
    Join Date
    Oct 2001
    Location
    Lost Angeles
    Posts
    2,652
    Originally posted by matrixzen
    It's possible that the F@H zip might have gotten infected. If the AV software starts asking you to act, try the repair function. If it can't repair it, chances are it's not infected and it's just the virus software misdetecting it.
    Good idea, but there is no chance the zip file was infected from the download site. If the file is infected it came from the computer it was downloaded to.

    Wedo
    ~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~[/size]

  6. #6
    Member matrixzen's Avatar
    Join Date
    Jun 2003
    Location
    CA
    Posts
    1,121
    Same thing I was thinking. Most of the time if the file is from a reliable internet webhost and you find it's infected after you download and try to install it, it's usually just something on your machine infecting certain types of filetypes or just anything you run in general.
    Team 32 Contributor.

  7. #7
    Member
    Join Date
    Jan 2004
    Location
    indianapolis
    Posts
    549
    That just happened to me too, oh well now I know it's OK.

  8. #8
    Member rezon8's Avatar
    Join Date
    Jan 2003
    Location
    Lewisville, Tx.
    Posts
    142
    HEY! I had the exact same thing happen to me this weekend when i do my weekly scan. Came up saying "...duallie OC-one click..." was a W32 Trojan. I was gonna post something about it but decided against it thinking i somehow got it infected myself, as i was also helping a friend of mine disinfect his box, he had tons of viruses on his HD and i assumed that somehow one of the trojans had jumped over the network and infected a random file on my HD or something. I deleted the file, but i still have it installed and running...

    maybe we should send !avast an email or someting....

  9. #9
    Senior Member RoadWarrior's Avatar
    Join Date
    Nov 2001
    Location
    Niagara Falls, Ontario, Canada
    Posts
    3,380
    There's also a possibility that it has been labelled a trojan due to irresponsible borging
    Folder in disgrace. Folding rigs may be back online eventually, just as soon as real life gives me enough breaks.

    Black Belt Ubercloxx0r

    "Even though large tracts of Europe and many old and famous Folders have fallen or may fall into the grip of OCAU and all the odious apparatus of [H]ardOCP rule, we shall not flag or fail."

    "We shall go on to the end, we shall fold on the Newcastles, we shall fold on the Northwoods and Prescotts, we shall fold with growing confidence and growing strength on Venice, we shall defend our Forum, whatever the cost may be, we shall fold on the Winchesters, we shall fold on the Bartons, we shall fold on the Applebreds and Thunderbirds, we shall fold on the Coppermines; we shall never surrender!"

  10. #10
    Member matrixzen's Avatar
    Join Date
    Jun 2003
    Location
    CA
    Posts
    1,121
    I wouldn't be surprised if that happened. If people borg computers without the owner's permission, and when they see it running, they are like "how did that get there?" Thus it is becomes labeled at a virus.
    Team 32 Contributor.

  11. #11
    Member ShadowCat66's Avatar
    Join Date
    Aug 2001
    Location
    Oshkosh,WI
    Posts
    745
    LOL,sorry Wedo,I didnt mean to cause a stir.I figured it wasnt infected.Just wanted to point it out to everyone what happened and the slim chance something could have been wrong.
    <<< Avatar by Uber~PhLuBB, Thanks!
    Mod by shocker

    F@H team 32 Member

  12. #12
    Senior Kitty Power! Wedo's Avatar
    Join Date
    Oct 2001
    Location
    Lost Angeles
    Posts
    2,652
    Originally posted by ShadowCat66
    LOL,sorry Wedo,I didnt mean to cause a stir.I figured it wasnt infected.Just wanted to point it out to everyone what happened and the slim chance something could have been wrong.
    No worries, if you didn't bring it to our attention someone else would. It's just funny to me because it's a totally love-hate with the One-Click. Either people are lovin' it because of the easy install or I read threads about how f'ed up the program is even though it's worked on hundreds of machines.

    I'll try to score some time this week and send an email to the AV people and figure out why the dually version is coming up as a virus. I'm wondering if it's because the Dually puts a thing in the add/remove and the singles do not.

    Wedo
    ~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~[/size]

  13. #13
    Member
    Join Date
    Jan 2004
    Location
    indianapolis
    Posts
    549
    I don't have the Dually version and it still came up as a virus.

  14. #14
    Senior Kitty Power! Wedo's Avatar
    Join Date
    Oct 2001
    Location
    Lost Angeles
    Posts
    2,652
    Originally posted by Andyman902042
    I don't have the Dually version and it still came up as a virus.
    Whoops, my mistake, I guess I need to check the single cpu version AND the dually? Either way, I just figured out why the One-Click comes up as a trojan.

    The One-Click is an .exe within an .exe which also registers itself in the registry and adds FAH to the service. All three of these properties are what you everyday trojan would do.

    Either way, I'll try to shoot an email to the company.

    Wedo
    ~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~[/size]

  15. #15
    Super Moderator
    Audioaficionado's Avatar
    Join Date
    Apr 2002
    Location
    Medford, Orygun
    Posts
    10,987
    I love both the duallie and single One-clicks. I'll use that 4-client One-Click for HT duallies when I build my Xeon duallie soon.

    At least you have your own name in the default cfg so silly borgers won't keep feeding that One-Click folding monster that's passed me twice before.

    AVG free doesn't seem to mind One-Click nor do Ad-Aware & Spybot S&D.

    Np at my end.

    Thanx Wedo for all the tools
    .....................................My HeatwareMyFAH Stats
    .......................Folding is a marathon, not a sprint audioaficionado
    Asus Commando, 8GB GSkill 5-5-5-15-2t PC6400, Q6600 @3.0GHz >SMP2+GPU3 FAH 24/7
    Gigabyte DS3, 3GB GSkill 5-5-5-15-2t PC6400, E6400 @3.0GHz
    Asus P5Q PRO Turbo, 4GB GSkill 5-5-5-15-2t PC6400, E6600 @3.0GHz
    Iwill DH800, 2GB OCZ4002048PFDC-K 2.5-3-3-8-1t, Dual 2.4 M0 Xeons 1.5v/880/3300
    Help improve overclockers.com! Get involved!

    You have over 101 signatures and Can't see the classifieds???Click This Link
    Anyone we catch cookie stuffing at this site will be banned on the spot!!

  16. #16
    Member ShadowCat66's Avatar
    Join Date
    Aug 2001
    Location
    Oshkosh,WI
    Posts
    745
    Originally posted by Audioaficionado
    I love both the duallie and single One-clicks. I'll use that 4-client One-Click for HT duallies when I build my Xeon duallie soon.

    At least you have your own name in the default cfg so silly borgers won't keep feeding that One-Click folding monster that's passed me twice before.

    AVG free doesn't seem to mind One-Click nor do Ad-Aware & Spybot S&D.

    Np at my end.

    Thanx Wedo for all the tools

    Its only the program EXE file it doesnt like.After its installed,it seems fine.
    <<< Avatar by Uber~PhLuBB, Thanks!
    Mod by shocker

    F@H team 32 Member

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •