Trojan alert with AVG antivirus...

Nokios · Postby **Nokios** » Sun Feb 24, 2008 1:26 pm

I use DVB Dream v.1.4i p1 (patched).

Here is where I downloaded this patch from:
http://www.dvbdream.org/patches/dd_patch_080212p1.rar

I also use the free AVG Antivirus which automatically downloads definitions daily.
Today,all of a sudden, it signalled a "trojan horse agent.PCZ" in the file "rec_mng.dll",which is part of the "patch"
I clicked "ignore" but, trying to start recording of any program, I get the message : "Not enough space on HD...".It is most probably due to the fact that the AVG blocked the dll file !!

Does anybody have the same problem??

I reinstalled the version (1.4i) and then replaced the DVBdream.exe with the one from the patch but kept the original rec_mng.dll ...Everything is OK now..

So it is the file "rec_mng.dll" from the patch to version 1.4i which gives a positive result as a trojan....??

CapVi · Postby **CapVi** » Sun Feb 24, 2008 4:40 pm

I don't know why , but Kasperky7 stop rec_mng.dll file . It tell that the file is a Trojan.
Why?

eliminato: Trojan program Trojan.Win32.Agent.ftx File: C:\DOCUME~1\Vito\IMPOST~1\Temp\Rar$DR00.937\rec_mng.dll VITO-FISSO\Vito localhost
rilevato: Trojan program Trojan.Win32.Agent.ftx File: C:\Programmi\dvbdream\is-C57SD.tmp VITO-FISSO\Vito localhost

I think that it is a Trojan!!!!
Releaser could you help us?

Nokios · Postby **Nokios** » Mon Feb 25, 2008 2:56 am

CapVi, which version of DVB Dream are you using?

DirtyBasket · Postby **DirtyBasket** » Mon Feb 25, 2008 11:51 am

Today, Avira AntiVir Personal Edition also reports rec_mng.dll as a Trojan (TR/Agent.ftx). I have had to quarantine the file until I feel safe that this is a false positive.

As a result the record function no longer works for me either and nor does the DVBEPG

I'm using DD version 1.4i p1

CapVi · Postby **CapVi** » Mon Feb 25, 2008 4:44 pm

CapVi, which version of DVB Dream are you using?

Tha last.
Today Kaspersky is autoupdate and now it don't tell me that the file is a Trojan!
I don't know if it is a false positive!

Nokios · Postby **Nokios** » Tue Feb 26, 2008 7:25 am

Today, Avira AntiVir Personal Edition also reports rec_mng.dll as a Trojan (TR/Agent.ftx). I have had to quarantine the file until I feel safe that this is a false positive.

As a result the record function no longer works for me either and nor does the DVBEPG

I'm using DD version 1.4i p1

Use DVB Dream v.1.4i without the patch and everything will be fine.

DirtyBasket · Postby **DirtyBasket** » Tue Feb 26, 2008 9:49 am

I had sent a report to Avira yesterday, and since an update this afternoon there is no warning of a trojan.

updated virus definition file = antivir3.vdf V7.0.2.196

It still seems concerning a bit (or am I being paranoid

) as the three AntiVirus software vendors in this topic had marked the file as bad. Any clues from the developer of the file rec_mng.dll as to what could cause this? I mean what does the file do to seemingly pose a risk in the eyes of the AntiVirus software.

wik · Postby **wik** » Tue Feb 26, 2008 7:33 pm

AVG Free Version 7.5.516
Virus base: 269.21.1/1299 Updated today

DDv1.4i never been patched

rec_mng.dll

Trojan Horse Agent.PEl

wik · Postby **wik** » Tue Feb 26, 2008 7:42 pm

update:

Ok, so the rec_mng.dll in my current C:/dvbdream folder shows infected, but when I look at the same file in one of my backup folders, it is fine.

The file in my backup folder is maybe a month old since I last used it. My backup folder is the same setup, with just different diseqc settings when I use my PC in another location.

Nokios · Postby **Nokios** » Wed Feb 27, 2008 1:23 am

Yes, today this file from the original (i) version has been signalled by the f*ck**g AVG !!!
The problem with this anti-virus is that it blocks the action of the file even when you click "ignore".
No recording is possible...till I get rid of the f*ck**g AVG..!!

update: 30 min later....I put the rec_mng.dll of the patch in the DVB Dream folder and it seems to work !!

update: next morning...28 Febr....Looks like I will have to repeat this daily till AVG changes its virus definitions.!!

Dreamer · Postby **Dreamer** » Wed Feb 27, 2008 4:19 pm

Here is the statement from Rel:

It is most likely a false positive, try to update the virus database.

DirtyBasket · Postby **DirtyBasket** » Wed Feb 27, 2008 6:52 pm

Here is the statement from Rel:

It is most likely a false positive, try to update the virus database.

Thanks for the input Dreamer, I appreciate the time Mods put in to forums (I frequent a few forums and I know you all have to deal with... lets say drivel sometimes

) but how come you say 'most likely'? Is Rel the developer of the file?

As you know from my last post I did update my AV def file and all seems well but it was the fact that it originally flagged as bad. I just wanted reassurance to what went into the file to cause the problem.

The last thing I want to learn is that the file does some kind of logging/spying. Any more input would be greatful.

CapVi · Postby **CapVi** » Thu Feb 28, 2008 3:00 am

With the last kaspersky 7 update all problems are OK!!!
I's a false positive!
Thanks for all

Nokios · Postby **Nokios** » Thu Feb 28, 2008 12:56 pm

At last......after the 28.2.2008 update,AVG doesn't consider the file as a threat !!

Rockin' Rick · Postby **Rockin' Rick** » Sat Mar 01, 2008 7:30 pm

I get the virus warning as well. My virus definitions are updated daily.
AVG
definitions 269.21.2/1305 from 2/29/2008

I told AVG to heal the file, which it completed.
The warning no longer shows. But the file was removed from the DD folder. Now I can't record.

Trojan alert with AVG antivirus...

Trojan alert with AVG antivirus...

Kaspersky also

Kaspersky

Who is online