Xdrive Desktop Infected?


4 replies to this topic

#1 Trinity Sexton

Trinity Sexton

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Location:Cowtown, Texas
  • Local time:01:49 AM

Posted 24 September 2007 - 11:19 AM

Howdy!

I was looking to try out the free 5 Gb version of Xdrive; I downloaded the CNet safe version of the program, and when the program was installed and wanted to update, my Iolo AntiVirus stopped C:\PROGRAM FILES\XDRIVE\XDRIVE DESKTOP\XDERRNOTIFIER.EXE as being infected with the W32/SelfStarterInternetTrojan!Maximus virus.

I ran a jotti scan on that file and got:

The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file

I'm assuming their stuff is infected then, right?

TS
When life hands you lemons, break out the salt and Tequila...

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,056 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:49 AM

Posted 24 September 2007 - 12:12 PM

iolo Antivirus has optional heuristic features to catch brand new viruses, based on behaviors and coding patterns that infections commonly use.

Heuristic analysis is the ability of an anti-virus program to detect new viruses before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop it before doing any harm to your system. The technique involves inspecting the code in a file to see if it contains virus-like characteristics. If the number of these characteristics/instructions exceeds a pre-defined threshold, the file is flagged as a possible virus.

The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and there is always a potential risk for a "False Positive" when the heuristic analysis flags a file as suspicious or infected that contains no malware. Reducing the detection sensitivity will minimize the risk but then that increases the possibility for new malware to infect your system.

Allow your firewall to give you access to jotti or virustotal.com so you can get a second opinion.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
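The threshold trade-off described in the post above, as an added example that is not part of the original thread and not any vendor's engine. The trait names, weights and sample files are all constructed for illustration, and a weighted score stands in for the "number of characteristics" the post mentions.

```python
# Toy heuristic scanner: each observed trait adds to a score, and a file is
# flagged when the score reaches the threshold. All traits, weights and
# samples below are constructed; real engines use far richer features.
TRAIT_WEIGHTS = {
    "writes_run_key": 3,        # registers itself to start at logon
    "opens_network_socket": 2,  # talks to a remote host
    "self_updates": 2,          # downloads and replaces its own binary
    "packed_sections": 3,       # compressed/obfuscated code sections
    "hooks_keyboard": 4,        # installs a keyboard hook
}

# name -> (observed traits, ground truth "is malicious"), constructed samples
SAMPLES = {
    "text_editor": (set(), False),
    # A legitimate auto-starting updater/error reporter shares several traits
    # with a self-starting trojan, which is how false positives arise.
    "error_notifier": (
        {"writes_run_key", "opens_network_socket", "self_updates"}, False),
    "new_trojan": ({"writes_run_key", "packed_sections"}, True),
    "keylogger": (
        {"hooks_keyboard", "writes_run_key", "opens_network_socket"}, True),
}


def score(traits):
    """Sum the weights of the traits observed in one file."""
    return sum(TRAIT_WEIGHTS[t] for t in traits)


def scan(threshold):
    """Scan every sample; return (false_positives, missed_malware)."""
    false_positives, missed = [], []
    for name, (traits, malicious) in SAMPLES.items():
        flagged = score(traits) >= threshold
        if flagged and not malicious:
            false_positives.append(name)
        elif malicious and not flagged:
            missed.append(name)
    return sorted(false_positives), sorted(missed)


if __name__ == "__main__":
    for threshold in (6, 8):  # sensitive setting vs. relaxed setting
        fps, misses = scan(threshold)
        print(f"threshold={threshold} false_positives={fps} missed={misses}")
```

With these constructed samples no single threshold is clean: the sensitive setting flags the benign notifier, and the relaxed setting lets the lower-scoring new trojan through.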

#3 Trinity Sexton

Trinity Sexton
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Location:Cowtown, Texas
  • Local time:01:49 AM

Posted 24 September 2007 - 12:36 PM

Hadn't thought about heuristics - excellent point!

Both jotti and virustotal said the file was 0 bytes??

E

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,056 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:49 AM

Posted 24 September 2007 - 04:18 PM

You can try running a couple of Online Anti-virus Scanners but I suspect it's a FP.

You should report your findings to both Xdrive Support and Iolo AntiVirus so they can investigate further.

#5 Trinity Sexton

Trinity Sexton
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Location:Cowtown, Texas
  • Local time:01:49 AM

Posted 24 September 2007 - 06:21 PM

Also a good call - Done!

Really quite a pain...

E