Hello,
Not sure if this is the right area to post this. Right now, am running Project 7010, 0-108-56 apparently with no issues.
However, am also running SuperAntiSpyware (SAS) in the background. It tagged a number of files as suspicious Trojan Agents. The main problem is "Trojan.Agent/Gen-Krptik.Process". Some of the ones (did not list them all) noted in a SAS popup include:
c:\program files\FAHClient\LIB\GKT-2.0\2.10.0\ENGINES\LIBPIXMAP.DLL
c:\program files\FAHClient\LIB\GKT-2.0\2.10.0\ENGINES\LIBEZLOOKS.DLL
c:\program files\FAHClient\WIN32API.PYD
c:\program files\FAHClient\_CTYPES.PYD
c:\program files\FAHClient\SELECT.PYD
c:\program files\FAHClient\_SOCKET.PYD
c:\program files\FAHClient\LIBPANGOCARIRO-1.0.0.DLL
c:\SYSTEM VOLUME INFORMATION\_RESTORE{c.....}
I would assume those are false positives, thus I can train the SAS and antivirus software to ignore them. Correct?? So far, I do not think the SAS interfered with this or previous jobs run here.
Thanks,
Robby of Team Firefox
Project: 7010 (Run 0, Clone 108, Gen 56)
Moderators: Site Moderators, FAHC Science Team
-
- Posts: 76
- Joined: Sun Jan 20, 2008 9:18 pm
- Hardware configuration: Homebuilt Windows 10
Intel Core i7-4770 ~ started in early 2014 or 2015
32 GB RAM (up from 8 GB in 2018)
64-Bit Operating System
On 31 Mar 2020, installed a GigaByte GEFORCE GTX 1660 GPU - Location: Madison, AL
-
- Posts: 10189
- Joined: Thu Nov 29, 2007 4:30 pm
- Hardware configuration: Intel i7-4770K @ 4.5 GHz, 16 GB DDR3-2133 Corsair Vengence (black/red), EVGA GTX 760 @ 1200 MHz, on an Asus Maximus VI Hero MB (black/red), in a blacked out Antec P280 Tower, with a Xigmatek Night Hawk (black) HSF, Seasonic 760w Platinum (black case, sleeves, wires), 4 SilenX 120mm Case fans with silicon fan gaskets and silicon mounts (all black), a 512GB Samsung SSD (black), and a 2TB Black Western Digital HD (silver/black).
- Location: Arizona
- Contact:
Re: Project: 7010 (Run 0, Clone 108, Gen 56)
Yes, likely a false positive. Many of the latest scanners are overly aggresive, and have been reported here. NOD, Norton, Avast, etc, in various versions have all has false positives with fah files.
However, I cannot rule out that a virus has not attached itself to the normally virus free fah files. As a sanity check, please run one of the free online AV scans to double check, or use a trial copy of something like Avast.
However, I cannot rule out that a virus has not attached itself to the normally virus free fah files. As a sanity check, please run one of the free online AV scans to double check, or use a trial copy of something like Avast.
How to provide enough information to get helpful support
Tell me and I forget. Teach me and I remember. Involve me and I learn.
Tell me and I forget. Teach me and I remember. Involve me and I learn.
Re: Project: 7010 (Run 0, Clone 108, Gen 56)
Fold! It does a body good!™
Re: Project: 7010 (Run 0, Clone 108, Gen 56)
A far as a false positive on files from a specific WU like Project: 7010 (Run 0, Clone 108, Gen 56), there are always going to be data (binary) files with more or less random bit patterns but they'll be in the \WORK folder. Most people simply disable scanning of that folder.
The files that you're reporting are inside of \Program files\FAHClient which should only be created/modified during the installation procedure after receiving Admin permissions to install. FAH (or other programs) should not be run with Admin permissions, thereby providing no opportunity for the executable files to be infected.
Is the first scan since you installed FAH?
The files that you're reporting are inside of \Program files\FAHClient which should only be created/modified during the installation procedure after receiving Admin permissions to install. FAH (or other programs) should not be run with Admin permissions, thereby providing no opportunity for the executable files to be infected.
Is the first scan since you installed FAH?
Posting FAH's log:
How to provide enough info to get helpful support.
How to provide enough info to get helpful support.
-
- Posts: 76
- Joined: Sun Jan 20, 2008 9:18 pm
- Hardware configuration: Homebuilt Windows 10
Intel Core i7-4770 ~ started in early 2014 or 2015
32 GB RAM (up from 8 GB in 2018)
64-Bit Operating System
On 31 Mar 2020, installed a GigaByte GEFORCE GTX 1660 GPU - Location: Madison, AL
Re: Project: 7010 (Run 0, Clone 108, Gen 56)
Hello, am using AVAST! Internet Security as the main anti-virus client on this computer. Have heard about problems with it and other scanners. Think I have it set to ignore FAH directories. Will add FAH to the ignore list on the SuperAntiSpyware program too.
Sorry but didn't let you know I am using Windows XP Pro, with only one account active (administrative). Am aware of dangers of running processes under Admin permissions. A few years ago at work, one of our folks using Admin privileges did a simple Google search (using I.E.) for printer drivers. The site he went to did some nasty stuff to that PC, installed a new "anti-virus" program which of course founds all kinds of infection; which it would 'remove' for a fee. McAfee on that machine was as useless as a t-shirt in front of a firing squad. Our IT guy managed to get rid of that infection.
I'll probably go the Windows 7 way by the year's end. That'll help minimize those type of problems..
Thanks for the good advice!
Robby
Sorry but didn't let you know I am using Windows XP Pro, with only one account active (administrative). Am aware of dangers of running processes under Admin permissions. A few years ago at work, one of our folks using Admin privileges did a simple Google search (using I.E.) for printer drivers. The site he went to did some nasty stuff to that PC, installed a new "anti-virus" program which of course founds all kinds of infection; which it would 'remove' for a fee. McAfee on that machine was as useless as a t-shirt in front of a firing squad. Our IT guy managed to get rid of that infection.
I'll probably go the Windows 7 way by the year's end. That'll help minimize those type of problems..
Thanks for the good advice!
Robby