- This topic has 5 replies, 2 voices, and was last updated 13 years, 9 months ago by alfred.
-
AuthorPosts
-
alfredMemberI installed Mobione 1.1.1 on a win7 64 bit operating system with FSecure installed. FSecure detects mobione.exe to contain:
Gen:Trojan.Heur.TP.8Z@bqqeshii
On the info page I can read:
———————————————————————————————————————————–
Trojan:W32/Generic
Name : Trojan:W32/Generic
Detection Names : trojan.generic
gen:trojan, Trojan.crypt
Category: Malware
Type: Trojan
Platform: W32
SummaryA trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.
DisinfectionAllow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
Additional DetailsTrojan:W32/Generic is a Generic Detection that identifies files with trojan-like characteristics or behavior.
About Generic Detections
Unlike more traditional detections (also known as signatures or single-file detections) a Generic Detection does not identify a unique or individual malicious program. Instead, a Generic Detection looks for broadly applicable code or behavior characteristics that indicate a file as potentially malicious, so that a single Generic Detection can efficiently identify dozens, or even hundreds of malware.
For more information about Generic Detections, see the Other:W32/Generic description.
———————————————————————————————————————–What can I do to make it work?
I tried to restore the quarantined exe file, but as soon as I try to execute it, FSecure put it back in to qurantine,
disabling my FSecure is not something that I will even concider, can someone help me out?
support-michaelKeymaster@alfred
I apologize for the trouble that you are experiencing between MobiOne and your antivirus software. Let me assure you that FSecure’s claim that MobiOe is a virus is a false. We will be in contact with them immediately requesting a resolution since their scanning algorithm clearly need improvement.I’m not familiar with FSecure’s de-quarintine mechanism. Most A/V softwarew includes mechanisms to tell either whilte-list the mobione.exe or to Always Ignore mobione.exe in future scans. I am setting up a test env now to see what’s up with FSecure. I’ll report back here any findings.
support-michaelKeymaster@alfred
I confirmed your observation with FSecure 2011. Here is the workaround I just performed:1) Open F-Secure console
2) Select Tasks tab
3) Select Settings>Virus and Spyware scanning…
a) disable “Turn on real-time scanning”
b) OK4) From Tasks select “Restore a removed file or program”
a) select mobione.exe and “Restore”
b) OK5) Exclude MobiOne install dir from scanning; from Tasks select “Settings”
– near the bottom select the link “Open excluded items list”
See attachment fscan-1.png
a) select Objects tab
b) select Add…
c) navigate to MobiOne installation directory and select it
e.g., on XP c:\program files\MobiOne Studio
e.g., on Vista/Win7: c:\users\<youraccount>\AppData\Local\MobiOne Studio
d) OK
See attachment fscan-2.png6) Select Settings>Virus and Spyware scanning…
a) enable “Turn on real-time scanning”
b) OKYou should now be able to launch MobiOne without fsecure getting all pissy.
Attachments:
You must be logged in to view attached files.
alfredMemberThanks, it works!!
I’ll start the test now, it seems very interesting, have a nice weekend!!
support-michaelKeymasterWe found that a recent update among antivirus systems caused some of them to falsely report that MobiOne is a virus. We made an minor update in MobiOne 1.1.2 (released 20110330) that improves A/V compatibility. We tested on over 20 different A/V scanners successfully.
alfredMemberThanks! I’ll try it out.
-
AuthorPosts