
HEUR/Crypted .exe file


3 replies to this topic

#1 gonwk

gonwk

  • Members
  • 21 posts

Posted 14 December 2008 - 12:51 PM

Hi folks,

1st of all I apologize if I have not posted in the correct Thread!

I have a program (Video Converter) that was in my archive from a few months back on an External Hard Drive. I never needed this program before ... so I was thinking about using it now ... But, when I hooked up my Ext. HD to my laptop via USB ... my Avira Anti-vir said that the "xxxx.EXE" file "Contains HEUR/Crypted suspicious code".

Q1: Is this file really a Virus or is it a False Positive!?!?

Q2: What is the BEST "Freeware" Trojan, Malware, Virus Scanner currently to scan my programs in order to make sure they are "Safe"?

Thanks,

G!:thumbsup:
Totally a Newbie, Eager to Learn!



#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • Gender:Male
  • Location:Virginia, USA

Posted 14 December 2008 - 02:04 PM

Many anti-virus programs utilize optional heuristic features to detect brand new viruses, based on behaviors and coding patterns that infections commonly use.

Heuristic analysis is the ability of an anti-virus program to detect possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware, which allows the anti-virus to detect and stop it before doing any harm to your system. The technique involves inspecting the code in a file to see if it contains virus-like characteristics. If the number of these characteristics/instructions exceeds a pre-defined threshold, the file is flagged as a possible virus.

The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as malicious. With heuristics, there is always a potential risk for a "False Positive" when the heuristic analysis flags a file as suspicious or infected that contains no malware. Reducing the detection sensitivity will minimize the risk but then that increases the possibility for new malware to infect your system.

Get a second opinion, by submitting the file to jotti's virusscan or virustotal.com. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.

No single product is 100% foolproof and can detect and remove all threats at any given time. The security community is in a constant state of change as new infections appear. Each vendor has its own definition of what constitutes malware and scanning your computer using different criteria will yield different results. The fact that each program has its own definition files means that some malware may be picked up by one that could be missed by another. Thus, a multi-layered defense using several anti-spyware products (including an effective firewall) to supplement your anti-virus combined with common sense and safe surfing habits provides the most complete protection.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
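
An added illustration of the threshold-based heuristics and the sensitivity trade-off described in the post above; it is not part of the original thread and is not Avira's detection logic. The characteristics, sample bytes and thresholds are constructed assumptions, simplified to plain byte tests.

```python
import hashlib
import math
from collections import Counter

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; values near 8 suggest packed or encrypted data."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

# Hypothetical "virus-like characteristics" (assumptions for illustration only).
CHARACTERISTICS = {
    "packed_or_encrypted": lambda d: entropy(d) > 7.0,
    "no_version_info": lambda d: b"VS_VERSION_INFO" not in d,
    "sets_autorun_key": lambda d: b"CurrentVersion\\Run" in d,
    "writes_other_process": lambda d: b"WriteProcessMemory" in d,
}

def matched(data: bytes) -> list[str]:
    """Names of the characteristics this file exhibits."""
    return [name for name, test in CHARACTERISTICS.items() if test(data)]

def is_flagged(data: bytes, threshold: int) -> bool:
    """Flag the file when the number of matched characteristics exceeds the threshold."""
    return len(matched(data)) > threshold

# Constructed samples: (bytes, is_actually_malicious). None of these is a real program.
NOISE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(256))  # 8 KiB, high entropy
TEXT = b"Usage: convert input.avi output.mp4\r\n" * 200                    # low entropy
SAMPLES = {
    "plain_tool": (b"MZ" + TEXT + b"VS_VERSION_INFO", False),
    "packed_converter": (b"MZ" + NOISE, False),  # benign, but compressed by a packer
    "new_variant": (b"MZ" + TEXT + b"VS_VERSION_INFO CurrentVersion\\Run WriteProcessMemory", True),
    "older_family": (b"MZ" + NOISE + b"CurrentVersion\\Run WriteProcessMemory", True),
}

def evaluate(threshold: int) -> dict[str, list[str]]:
    """Return which samples are false positives and which malicious ones are missed."""
    false_positives, missed = [], []
    for name, (data, malicious) in SAMPLES.items():
        flagged = is_flagged(data, threshold)
        if flagged and not malicious:
            false_positives.append(name)
        if malicious and not flagged:
            missed.append(name)
    return {"false_positives": false_positives, "missed": missed}

if __name__ == "__main__":
    for threshold in (1, 2):  # 1 = more sensitive, 2 = less sensitive
        print(f"threshold {threshold}: {evaluate(threshold)}")
```

At the sensitive setting the benign packed converter is flagged; at the relaxed setting it passes, but so does the unpacked new variant.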

#3 gonwk

gonwk
  • Topic Starter

  • Members
  • 21 posts

Posted 15 December 2008 - 10:25 PM

Hi QuietMan,

THANKS A Bunch for your Detailed Reply! Most helpful!

I am running Vista Home Premium 64-bit on my laptop and I am currently running Avira AntiVirus + Comodo Firewall with Defense Plus + SuperAntiSpyware + MalwareBytes + Windows Defender (I left it as is ... I just update it regularly).

Quietman ... do you have a Favorite Combo Protection as you mentioned ... preferably a Freeware option?

Also I have a dumb Q ... can I "Edit" my past post ... for example if I see a "typo"!?!? I don't see, or can't seem to find, an Edit button after the message has been posted.

Thanks again, :thumbsup:

G!:flowers:

Edited by gonwk, 15 December 2008 - 10:26 PM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • Gender:Male
  • Location:Virginia, USA

Posted 16 December 2008 - 09:02 AM

Choosing a security protection toolkit is a matter of personal preference, features offered, the amount of resources utilized, how it may affect system performance and what will work best for your system. A particular combination that works well for one person may not work as well for another. You may need to experiment and find the ones most suitable for your use.

See BC's Freeware Replacements For Common Commercial Apps and List of Virus & Malware Resources.

Of course, you can always supplement your anti-virus by performing an Online Virus Scan.
List of Free Antivirus and Online Scanners



