Jump to content

Virus?


his047

Recommended Posts

  • 5 months later...
Guest N.C.H a.n

My Sophos anti-virus reports a virus in the installation program for RPsetup

is this really a virus or a falses alarm ? the Program reports "virus/spyware Mal/Generic-A"

Hi,

 

Does this happen each time you try to download the program? or does it only happen sometimes?

 

Also does the program report that there IS a virus, or MAYBE a virus?

Link to comment
Share on other sites

  • 8 months later...

RecordPad - False Positive for Virus, Trojans or Malware

 

 

 

Sophos detecting a virus in RecordPad is a false positive.

 

 

 


  1.  
     
     
  2. NCH Software makes sure their audio software is free from virus', malware, or trojans before software is released.
     
  3. Google scans NCH Software's website at least once a week to check for virus', malware, and trojans and they do not detect malware on NCH Software's Website, which includes all of NCH Software's download files.
     
  4. Below, I included a report from VirusTotal that can check the most popular anitvirus packages at once. No Virus, Malware, or Trojans were found from AVG, Symantec, or McAfee and many others including Sophos. Once in a while, CAT-Quickheal will call out a suspicious file like it did in this report. CAT-Quickheal is an antivirus program that is statistical based and is notorious for false positives. Then, some of the antivirus programs can collect data from Virus Total and return a false positive.
     
  5. RecordPad is listed on all the major software download sites, which thoroughly tests software before listing a product to protect their customers.
     
  6. RecordPad continues to receive 5 Star Awards and Editor's Picks from popular software sites.
     

 

 

 

Therefore, I think it is save to conclude you have a false positive virus report.

 

 

 

 

File rpsetup.exe received on 2010.06.11 23:48:39 (UTC)

Current status: finished

Result: 1/41 (2.44%) compress-icon.pngCompact Print results print-icon.png Antivirus Version Last Update Result a-squared 5.0.0.26 2010.06.12 - AhnLab-V3 2010.06.11.00 2010.06.11 - AntiVir 8.2.2.6 2010.06.11 - Antiy-AVL 2.0.3.7 2010.06.11 - Authentium 5.2.0.5 2010.06.11 - Avast 4.8.1351.0 2010.06.11 - Avast5 5.0.332.0 2010.06.11 - AVG 9.0.0.787 2010.06.11 - BitDefender 7.2 2010.06.12 - CAT-QuickHeal 10.00 2010.06.11 (Suspicious) - DNAScan ClamAV 0.96.0.3-git 2010.06.11 - Comodo 5065 2010.06.12 - DrWeb 5.0.2.03300 2010.06.12 - eSafe 7.0.17.0 2010.06.10 - eTrust-Vet 36.1.7629 2010.06.11 - F-Prot 4.6.0.103 2010.06.12 - F-Secure 9.0.15370.0 2010.06.11 - Fortinet 4.1.133.0 2010.06.11 - GData 21 2010.06.12 - Ikarus T3.1.1.84.0 2010.06.11 - Jiangmin 13.0.900 2010.06.11 - Kaspersky 7.0.0.125 2010.06.11 - McAfee 5.400.0.1158 2010.06.12 - McAfee-GW-Edition 2010.1 2010.06.11 - Microsoft 1.5802 2010.06.11 - NOD32 5191 2010.06.11 - Norman 6.04.12 2010.06.11 - nProtect 2010-06-11.01 2010.06.11 - Panda 10.0.2.7 2010.06.11 - PCTools 7.0.3.5 2010.06.12 - Prevx 3.0 2010.06.12 - Rising 22.51.04.04 2010.06.11 - Sophos 4.54.0 2010.06.11 - Sunbelt 6437 2010.06.12 - Symantec 20101.1.0.89 2010.06.11 - TheHacker 6.5.2.0.297 2010.06.11 - TrendMicro 9.120.0.1004 2010.06.11 - TrendMicro-HouseCall 9.120.0.1004 2010.06.12 - VBA32 3.12.12.5 2010.06.11 - ViRobot 2010.6.11.3881 2010.06.11 - VirusBuster 5.0.27.0 2010.06.11 - Additional information File size: 454840 bytes MD5 : 1ec0e678a6d2928d70a8268bece1a17b SHA1 : d580c0d988b1db5e4dba3c48c49d4ba1dea88377 SHA256: 0246f4674ff0c3917517c2bb7e9b2f88c30e11b35e8ea49ce0c8563d03efcd12 PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x2021

timedatestamp.....: 0x4A3B4532 (Fri Jun 19 09:58:42 2009)

machinetype.......: 0x14C (Intel I386)

 

( 3 sections )

name viradd virsiz rawdsiz ntrpy md5

.rdata 0x1000 0x2FC 0x400 3.70 f47fbe0899d57c184d59727286f365c3

.data 0x2000 0x325 0x400 5.21 76ea48f1ac3a3d73dd10cd2e38280d6f

.rsrc 0x3000 0x6D0B0 0x6D200 7.99 633772791b06dfca09fcd06d03104a63

 

( 5 imports )

 

> kernel32.dll: GetStartupInfoA, lstrcpyA, GetModuleHandleA, DeleteFileA, GetTempPathA, GetModuleFileNameA, FindResourceA, WriteFile, CloseHandle, WaitForSingleObject, ExitProcess, SizeofResource, LockResource, GetLastError, LoadResource, CreateFileA

> ole32.dll: CoUninitialize, CoInitializeEx

> setupapi.dll: SetupIterateCabinetA

> shell32.dll: ShellExecuteExA

> user32.dll: wsprintfA

 

( 0 exports )

TrID : File type identification

- ssdeep: 12288:m7lNKaDvCMq/lw4d/y9vBQJoS9XoiUGSDCihCC23t:mSaDC7W8/EQJXol2dd sigcheck: publisher....: NCH Software

copyright....: NCH Software

product......: n/a

description..: RecordPad Sound Recorder

original name: n/a

internal name: Recordpad

file version.: 3.03

comments.....: n/a

signers......: NCH Software

Thawte Code Signing CA

Thawte Premium Server CA

signing date.: 1:22 AM 7/20/2009

verified.....: -

PEiD : - packers (Kaspersky): UPX, UPX packers (F-Prot): embedded, UPX, CAB RDS : NSRL Reference Data Set

 

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...