Official BS.Player forums  

Go Back   Official BS.Player forums > Main forum > Bug Reports And Codecs
Register FAQ Calendar Today's Posts Search

Bug Reports And Codecs Report BS.Player bugs here - help us to improve BS.Player even further.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 16th August 2004
Junior Member
BS.Player Newbie
 
Join Date: Aug 2004
Posts: 3
Rep Power: 0
Animal is an unknown quantity at this point
Default bsplayer100.810.exe contains VIRUS!!!! = F A L S E ALARM

The virus is found with the bsplayer100.810.exe download
The virus found is called, Troj/Multidr-KE
Which is a trojen, trojen are generally found to remote access tools to steal information from other peoples computers.
below is a link to an antivirus database so you can see for your self
http://www.sophos.com/virusinfo/anal...multidrke.html

My computer does not contain any known virus as it is kept up to date with the latest windows updates and Antivirus updates.

This virus was descovered on 16/08/04 from downloading bsplayer100.810.exe directly from
http://www.bsplayer.org/index.php?p=...60fcada35206b8 and was intercepted before it became available on my hard drive.
Reply With Quote
  #2 (permalink)  
Old 16th August 2004
Junior Member
BS.Player Newbie
 
Join Date: Aug 2004
Posts: 3
Rep Power: 0
scorp76 is an unknown quantity at this point
Default

I scanned mine n dont see anything.
Reply With Quote
  #3 (permalink)  
Old 16th August 2004
Junior Member
BS.Player Newbie
 
Join Date: Aug 2004
Posts: 1
Rep Power: 0
Tinkerbell is an unknown quantity at this point
Default

Same with Sophos:
Intercheck denied access due to Trojan: Troj/Multidr-KE

The bsplayer100.810.exe was downloaded with the Download-Button of bsplayer.org.

A scan of the whole System received no further warnings, so i assume, system is safe.

Is it a false alarm, due to reprogramming of the render-engine?

...will try some cross-scans on an isolatet system...

BBL...
Reply With Quote
  #4 (permalink)  
Old 16th August 2004
Junior Member
BS.Player Newbie
 
Join Date: Aug 2004
Location: Zagreb, Croatia
Posts: 2
Rep Power: 0
djole is an unknown quantity at this point
Default

Not only that.

It triggered alarm (false, I suspect) on old installers and existing uninstaller.

Same goes for GSPOT.
__________________
Đorđe Ni??etić
Reply With Quote
  #5 (permalink)  
Old 16th August 2004
Junior Member
BS.Player Newbie
 
Join Date: Aug 2004
Posts: 3
Rep Power: 0
Animal is an unknown quantity at this point
Default Virus update

ok I use sophos, the IDE for this virus was released today, so if it is a virus the protection from it is very new.

"Protection available since 16 August 2004 11:33:28 (GMT)" -sophos

Description of virus

Troj/Multidr-KE extracts and runs several files.
Two of these are detected as Troj/Sysme-A and Troj/Dloader-BA. The others are adware related.

Troj/Sysme-A is a Trojan.
When executed, the Trojan installs a registry entry to run itself on system startup and attempts to download a file from a specific webserver.
Troj/Sysme-A may email information out from the infected computer.

Troj/Dloader-BA is a downloader Trojan.
When executed it will attempt to download and run a file from a webserver.

-Animal
Reply With Quote
  #6 (permalink)  
Old 16th August 2004
Junior Member
BS.Player Newbie
 
Join Date: Aug 2004
Posts: 3
Rep Power: 0
Animal is an unknown quantity at this point
Default virus update

Troj/Multidr-KE
Type, Trojan
Vulnerable operating systems, Windows
Side effects, Drops more malware
http://www.sophos.com/virusinfo/anal...multidrke.html

Troj/Sysme-A
Type, Trojan
Vulnerable operating systems, Windows
Side effects, Uses its own emailing engine
Downloads code from the internet
Installs itself in the Registry
Aliases, PWS-Sysme
Trojan.PSW.Stealer.c
PWSteal.Trojan
http://www.sophos.com/virusinfo/anal...rojsysmea.html

Troj/Dloader-BA
Type, Trojan
Vulnerable operating systems, Windows
Side effects, Downloads code from the internet
Aliases, TrojanDownloader.Win32.Small.gs
http://www.sophos.com/virusinfo/anal...dloaderba.html

-Animal
Reply With Quote
  #7 (permalink)  
Old 16th August 2004
Junior Member
BS.Player Newbie
 
Join Date: Aug 2004
Location: Zagreb, Croatia
Posts: 2
Rep Power: 0
djole is an unknown quantity at this point
Default

OK, Sophos updated it.
Not that they care to mention it on their site, but...

Seems it was a false alarm after all.

in the meantime, in Athens, CRO-SLO 27-26 (goals), 1-0 (broken noses)
Seems they watched the match, then went back to business.
__________________
Đorđe Ni??etić
Reply With Quote
  #8 (permalink)  
Old 25th August 2004
Junior Member
BS.player Regular User
 
Join Date: Mar 2004
Location: France
Posts: 20
Rep Power: 0
Eyael is an unknown quantity at this point
Default

I once encountered a similar problem with another software and Avast antivirus. It turned out the exe was clean and it was a false alarm. I reported it to Avast and they corrected the antivirus.

One thing you can do is not to set your antivirus as resident and then download BSPlayer.

Hope it helps!
__________________
"Our lives end the day we remain silent about things that matter" -- Martin Luther King
Reply With Quote
  #9 (permalink)  
Old 8th August 2014
Junior Member
BS.Player Newbie
 
Join Date: Aug 2014
Age: 41
Posts: 1
Rep Power: 0
vinisantos is on a distinguished road
Default

McAfee Enterprise

Reply With Quote
Reply

Tags
alarm, virus


Posting Rules


All times are GMT +1. The time now is 02:49 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
Ad Management plugin by RedTyger

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20