Fund Manager
PORTFOLIO MANAGEMENT SOFTWARE
Contact Us

Re: Some FM files flagged as a virus

[ Message Board ] [ Archives ] [ Search ]

Posted by Mark on July 16, 2007 at 18:11:53:

In Reply to: Re: Some FM files flagged as a virus posted by Bill Davison on July 16, 2007 at 17:17:29:

: : : Hi,

: : : Thought it might be useful to report what appears to be a false positive from my virus scanner. I've got Symantec AntiVirus 10.1 (corporate license). After receiving the July 15 virus signature update, the following files were listed as infected by the Adware.CPush virus, and quarantined.

: : : C:\Program Files\Fund Manager\modsetup.exe
: : : C:\Program Files\Fund Manager\uninstall.exe
: : : C:\zipped programs\fundmn84.exe
: : : C:\zipped programs\fundmn85.exe

: : : When I dug into the details on Symantec's website, none of the expected CPush registry keys existed. No symptoms of infection other than the fact that they got picked up by the virus scanner.

: : : - Bill

: : Hi Bill,

: : Interesting, thanks for the message. I haven't seen that problem before. I took a quick look on Symantec's site that describes this virus. Is it possible you got this virus, and it attached itself to those .exe files you mentioned? We virus scan and then digitally sign all of our distributed programs. If you check "fundmn85.exe" on your system, does it still display that it was digitally signed by us? If it had been modified in any way (like by a virus attaching itself), the file would no longer display the digital signature. You can check if it has a digital signature by looking at the properties of that file, and then clicking on the "Digital Signatures" tab.

: : Thanks,
: : Mark
: : --
: : Fund Manager - Portfolio Management Software

: Hi Mark,

: Your digital signatures are still intact. To me it seems unlikely that I would have picked up a virus that would have affected 4 FM EXEs, and nothing else. The affected files have been on my PC for months now, particularly the v8.4. What changed yesterday was the new virus signature file from Symantec.
: Makes me wonder if it was a false positive.

: Today I restored the files from quarantine, after which I re-scanned them. They came back clean. But by now the virus definitions have gone up a version as compared to yesterday.

: Anyway, everything's working fine. Just figured I'd pass along my experience in case someone else runs into it.

: Bill

Hi Bill,

I think you're right, it sounds like a false positive that they have since corrected...

Thanks,
Mark
--
Fund Manager - Portfolio Management Software


Replies:

 
FundManagerSoftware.com | Search | Site Map | About Us | Privacy Policy
Copyright ©1993-2024 Beiley Software, Inc. All rights reserved.