Notices

Overclockers Forums > Overclockers.com Teams > Folding Team
Folding Team Join the Overclockers.com Protein-Folding Team and support medical research!
Forum Jump

Avast is saying One Click exe is a trogen

Post Reply New Thread Subscribe Search this Thread
 
 
Thread Tools
Old 03-16-04, 09:00 AM Thread Starter   #1
ShadowCat66
Member

 
ShadowCat66's Avatar 

Join Date: Aug 2001
Location: Oshkosh,WI

10 Year Badge
 
Avast is saying One Click exe is a trogen


This is the message I get from Avast Antivirus when I run the EXE file.I downloaded the latest from the sticky first also.


OC-FAH-SSE-V2/.exe is infected with Win32:Trogen-gen {VC}


Hmmm,any clues here,just a bug in Avast??

__________________
<<< Avatar by Uber~PhLuBB, Thanks!
Mod by shocker

F@H team 32 Member
ShadowCat66 is offline   QUOTE Thanks
Old 03-16-04, 10:12 AM   #2
nikhsub1
Unoriginal Macho Moderator

 
nikhsub1's Avatar 

Join Date: Oct 2001
Location: Los Angeles

10 Year Badge
 
Re: Avast is saying One Click exe is a trogen


Quote:
Originally posted by ShadowCat66
This is the message I get from Avast Antivirus when I run the EXE file.I downloaded the latest from the sticky first also.


OC-FAH-SSE-V2/.exe is infected with Win32:Trogen-gen {VC}


Hmmm,any clues here,just a bug in Avast??
Probably... I mean it is a strange exectutable that installs as a service and uses LOTS of CPU powah Rest assured there is no virus in it.

__________________
Loading Signature ...
nikhsub1 is offline   QUOTE Thanks
Old 03-16-04, 11:11 AM   #3
Wedo
Senior Kitty Power!

 
Wedo's Avatar 

Join Date: Oct 2001
Location: Lost Angeles

 
Sweet mother.... I'm sure the footprint of the Core and FAH is throwing off the AV as there are four files in each One-Click:

1. FAH4Console.exe
2. Service-Setup.bat (batch file that registers and starts service)
3. Client.cfg
4. srvany.exe (a Microsoft program that EVERY service install uses)

No virus, just folding.

Wedo

__________________
~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~[/size]
Wedo is offline   QUOTE Thanks
Old 03-16-04, 11:54 AM   #4
matrixzen
Member

 
matrixzen's Avatar 

Join Date: Jun 2003
Location: CA

 
It's possible that the F@H zip might have gotten infected. If the AV software starts asking you to act, try the repair function. If it can't repair it, chances are it's not infected and it's just the virus software misdetecting it.

__________________
Team 32 Contributor.
matrixzen is offline   QUOTE Thanks
Old 03-16-04, 12:18 PM   #5
Wedo
Senior Kitty Power!

 
Wedo's Avatar 

Join Date: Oct 2001
Location: Lost Angeles

 
Quote:
Originally posted by matrixzen
It's possible that the F@H zip might have gotten infected. If the AV software starts asking you to act, try the repair function. If it can't repair it, chances are it's not infected and it's just the virus software misdetecting it.
Good idea, but there is no chance the zip file was infected from the download site. If the file is infected it came from the computer it was downloaded to.

Wedo

__________________
~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~[/size]
Wedo is offline   QUOTE Thanks
Old 03-16-04, 12:26 PM   #6
matrixzen
Member

 
matrixzen's Avatar 

Join Date: Jun 2003
Location: CA

 
Same thing I was thinking. Most of the time if the file is from a reliable internet webhost and you find it's infected after you download and try to install it, it's usually just something on your machine infecting certain types of filetypes or just anything you run in general.

__________________
Team 32 Contributor.
matrixzen is offline   QUOTE Thanks
Old 03-16-04, 03:30 PM   #7
Andyman902042
Member



Join Date: Jan 2004
Location: indianapolis

 
That just happened to me too, oh well now I know it's OK.
Andyman902042 is offline   QUOTE Thanks
Old 03-16-04, 04:48 PM   #8
rezon8
Member

 
rezon8's Avatar 

Join Date: Jan 2003
Location: Lewisville, Tx.

 
HEY! I had the exact same thing happen to me this weekend when i do my weekly scan. Came up saying "...duallie OC-one click..." was a W32 Trojan. I was gonna post something about it but decided against it thinking i somehow got it infected myself, as i was also helping a friend of mine disinfect his box, he had tons of viruses on his HD and i assumed that somehow one of the trojans had jumped over the network and infected a random file on my HD or something. I deleted the file, but i still have it installed and running...

maybe we should send !avast an email or someting....
rezon8 is offline   QUOTE Thanks
Old 03-16-04, 04:53 PM   #9
RoadWarrior
Senior Member

 
RoadWarrior's Avatar 

Join Date: Nov 2001
Location: Niagara Falls, Ontario, Canada

10 Year Badge
 
There's also a possibility that it has been labelled a trojan due to irresponsible borging

__________________
Folder in disgrace. Folding rigs may be back online eventually, just as soon as real life gives me enough breaks.

Black Belt Ubercloxx0r

"Even though large tracts of Europe and many old and famous Folders have fallen or may fall into the grip of OCAU and all the odious apparatus of [H]ardOCP rule, we shall not flag or fail."

"We shall go on to the end, we shall fold on the Newcastles, we shall fold on the Northwoods and Prescotts, we shall fold with growing confidence and growing strength on Venice, we shall defend our Forum, whatever the cost may be, we shall fold on the Winchesters, we shall fold on the Bartons, we shall fold on the Applebreds and Thunderbirds, we shall fold on the Coppermines; we shall never surrender!"
RoadWarrior is offline   QUOTE Thanks
Old 03-16-04, 05:45 PM   #10
matrixzen
Member

 
matrixzen's Avatar 

Join Date: Jun 2003
Location: CA

 
I wouldn't be surprised if that happened. If people borg computers without the owner's permission, and when they see it running, they are like "how did that get there?" Thus it is becomes labeled at a virus.

__________________
Team 32 Contributor.
matrixzen is offline   QUOTE Thanks
Old 03-16-04, 06:12 PM Thread Starter   #11
ShadowCat66
Member

 
ShadowCat66's Avatar 

Join Date: Aug 2001
Location: Oshkosh,WI

10 Year Badge
 
LOL,sorry Wedo,I didnt mean to cause a stir.I figured it wasnt infected.Just wanted to point it out to everyone what happened and the slim chance something could have been wrong.

__________________
<<< Avatar by Uber~PhLuBB, Thanks!
Mod by shocker

F@H team 32 Member
ShadowCat66 is offline   QUOTE Thanks
Old 03-16-04, 06:52 PM   #12
Wedo
Senior Kitty Power!

 
Wedo's Avatar 

Join Date: Oct 2001
Location: Lost Angeles

 
Quote:
Originally posted by ShadowCat66
LOL,sorry Wedo,I didnt mean to cause a stir.I figured it wasnt infected.Just wanted to point it out to everyone what happened and the slim chance something could have been wrong.
No worries, if you didn't bring it to our attention someone else would. It's just funny to me because it's a totally love-hate with the One-Click. Either people are lovin' it because of the easy install or I read threads about how f'ed up the program is even though it's worked on hundreds of machines.

I'll try to score some time this week and send an email to the AV people and figure out why the dually version is coming up as a virus. I'm wondering if it's because the Dually puts a thing in the add/remove and the singles do not.

Wedo

__________________
~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~[/size]
Wedo is offline   QUOTE Thanks
Old 03-16-04, 07:01 PM   #13
Andyman902042
Member



Join Date: Jan 2004
Location: indianapolis

 
I don't have the Dually version and it still came up as a virus.
Andyman902042 is offline   QUOTE Thanks
Old 03-17-04, 12:21 PM   #14
Wedo
Senior Kitty Power!

 
Wedo's Avatar 

Join Date: Oct 2001
Location: Lost Angeles

 
Quote:
Originally posted by Andyman902042
I don't have the Dually version and it still came up as a virus.
Whoops, my mistake, I guess I need to check the single cpu version AND the dually? Either way, I just figured out why the One-Click comes up as a trojan.

The One-Click is an .exe within an .exe which also registers itself in the registry and adds FAH to the service. All three of these properties are what you everyday trojan would do.

Either way, I'll try to shoot an email to the company.

Wedo

__________________
~ Folding for Sharon, Joy, Kathy, Cathy, Nancy, Peanut, and so many others ~[/size]
Wedo is offline   QUOTE Thanks
Old 03-17-04, 10:09 PM   #15
Audioaficionado
Super Moderator

 
Audioaficionado's Avatar 

Join Date: Apr 2002
Location: Medford, Orygun

10 Year Badge
 
I love both the duallie and single One-clicks. I'll use that 4-client One-Click for HT duallies when I build my Xeon duallie soon.

At least you have your own name in the default cfg so silly borgers won't keep feeding that One-Click folding monster that's passed me twice before.

AVG free doesn't seem to mind One-Click nor do Ad-Aware & Spybot S&D.

Np at my end.

Thanx Wedo for all the tools

__________________
.....................................My HeatwareMyFAH Stats
.......................Folding is a marathon, not a sprint audioaficionado
Asus Commando, 8GB GSkill 5-5-5-15-2t PC6400, Q6600 @3.0GHz >SMP2+GPU3 FAH 24/7
Gigabyte DS3, 3GB GSkill 5-5-5-15-2t PC6400, E6400 @3.0GHz
Asus P5Q PRO Turbo, 4GB GSkill 5-5-5-15-2t PC6400, E6600 @3.0GHz
Iwill DH800, 2GB OCZ4002048PFDC-K 2.5-3-3-8-1t, Dual 2.4 M0 Xeons 1.5v/880/3300
Help improve overclockers.com! Get involved!

You have over 101 posts and Can't see the classifieds???Click This Link
Anyone we catch cookie stuffing at this site will be banned on the spot!!
Audioaficionado is offline Folding Profile Heatware Profile   QUOTE Thanks
Old 03-18-04, 01:27 PM Thread Starter   #16
ShadowCat66
Member

 
ShadowCat66's Avatar 

Join Date: Aug 2001
Location: Oshkosh,WI

10 Year Badge
 
Quote:
Originally posted by Audioaficionado
I love both the duallie and single One-clicks. I'll use that 4-client One-Click for HT duallies when I build my Xeon duallie soon.

At least you have your own name in the default cfg so silly borgers won't keep feeding that One-Click folding monster that's passed me twice before.

AVG free doesn't seem to mind One-Click nor do Ad-Aware & Spybot S&D.

Np at my end.

Thanx Wedo for all the tools

Its only the program EXE file it doesnt like.After its installed,it seems fine.

__________________
<<< Avatar by Uber~PhLuBB, Thanks!
Mod by shocker

F@H team 32 Member
ShadowCat66 is offline   QUOTE Thanks

Post Reply New Thread Subscribe


Overclockers Forums > Overclockers.com Teams > Folding Team
Folding Team Join the Overclockers.com Protein-Folding Team and support medical research!
Forum Jump

Thread Tools Search this Thread
Search this Thread:

Advanced Search


Mobile Skin
All times are GMT -5. The time now is 03:59 PM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
You can add these icons by updating your profile information to include your Heatware ID, Benching Profile ID or your Folding/SETI profile ID. Edit your profile!
X

Welcome to Overclockers.com

Create your username to jump into the discussion!

New members like you have made this the best community on the Internet since 1998!


(4 digit year)

Why Join Us?

  • Share experience
  • Max out your hardware
  • Best forum members anywhere
  • Customized forum experience

Already a member?