XML Editor
Sign up for a WebBoard account Sign Up Keyword Search Search More Options... Options
Chat Rooms Chat Help Help News News Log in to WebBoard Log in Not Logged in
Show tree view Topic
Topic Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 Go to previous topicPrev TopicGo to next topicNext Topic
Postnext
McKyle AdamsSubject: Stylus Studio Installs Trojan Horse
Author: McKyle Adams
Date: 17 Jun 2006 01:51 PM
I ran an install of Stylus Studio and my virus scanner immediately picked up that following the install there is a trojan horse Backdoor.Generic2.YJY in the

C:\Program Files\Stylus Studio 2006 Release 2 XML Enterprise Edition\bin\lib\unzip-Zip32.dll file.

Why is the install putting a trojan horse on my computer?


UnknownNoname(22).

Postnext
Minollo I.Subject: Stylus Studio Installs Trojan Horse
Author: Minollo I.
Date: 17 Jun 2006 09:58 PM
The shipped versions of zip32.dll/unzip32.dll look fine to us; both Symantec and McAfee antiviruses are fine with them.

Postnext
McKyle AdamsSubject: Stylus Studio Installs Trojan Horse
Author: McKyle Adams
Date: 18 Jun 2006 10:55 AM
Hi - Here's a screen capture of the AVG scan.


UnknownZip32dllAVGScanPic.jpg
Screen Capture of AVG Scan Output

Postnext
Minollo I.Subject: Stylus Studio Installs Trojan Horse
Author: Minollo I.
Date: 18 Jun 2006 09:17 PM
I can only suggest that you contact your anti-virus vendor and let them know that a well known utility module (http://www.info-zip.org/) is flagged as a trojan.

Postnext
McKyle AdamsSubject: Stylus Studio Installs Trojan Horse
Author: McKyle Adams
Date: 18 Jun 2006 10:58 PM
I will do that and get back with the results.

Posttop
McKyle AdamsSubject: Stylus Studio Does Not Install Trojan Horse
Author: McKyle Adams
Date: 19 Jun 2006 06:30 AM

I received a communication from Grisoft AVG regarding the false detection of the Zip32.dll file as a trojan horse. Their email is found below, including the original email question I sent to them. I am sorry to have been the one to report a false detection, but I'd rather investigate it than propagate a trojan horse outbreak.

McKyle Adams


Response From Grisoft:

Dear Sir/Madam,

Thank you for your email.

We are very sorry, but false alarm happens from time to time. It is the issue of all antivirus companies. With all of these programs it is very difficult to distinguish what is a virus and what is not. There is a thin line between these two worlds, and there are many things that are the same.

Virus is a program too. It has only one difference it does harm. You can find some parts of source code in both (harmless program and the virus). We are working very hard not to let these things happen (All of our updates are very deeply tested before we publish them, however it is not in our possibilities to test all of the programs on the market). When after all is some program false detected we are solving this as soon as possible.

Please update your AVG Antivirus program, this false detection has been removed. (Right click the AVG Control Center icon, located at the bottom right hand corner of the screen and choose option "Check for updates"

Thank you for your cooperation.

Best regards,

Martin Tucek
AVG Technical Support

website: http://www.grisoft.com
mailto: technicalsupport@grisoft.com
On Sun, 18 Jun 2006 21:27:19 -0600 you wrote:

>
>Hello [AVG],
>
>My AVG virus scan has flagged a well-known utility as having a Trojan
>horse virus. The utility is the Zip32.dll utility. The DLL was
>downloaded during the installation of a popular XML software
>application named Stylus Studio - see link:
>
>
>http://www.stylusstudio.com/
>
>The technical forum where I presented this discovery is:
>
>http://www.stylusstudio.com/SSDN/default.asp?action=10
><http://www.stylusstudio.com/SSDN/default.asp?action=10&shp=23&fid=23>
>&shp=23&fid=23
>
>If you click in the link: Stylus
><http://www.stylusstudio.com/SSDN/default.asp?action=9&read=5220&fid=23
>> Studio Installs Trojan Horse , you'll be able to see my presentation
>and their disagreement, and their suggestion that I contact you about
>this utility being flagged as a Trojan horse.
>
>Here is a link they gave me to the zip utility:
>
>http://www.info-zip.org/
>
>Below is a jpg screenshot of the report from your software running on
>XP SP2. If your software has wrongly identified their software as
>installing this virus, I hope you will join me in offering a public
>apology to them in their technical forum. Please advise.
>
>I also attached the zip file - it should be named Zip32.dll file for
>your review.
>
>Thank you for looking into this issue. I do not want to wrongly accuse
>these people, but I trust your software to correctly analyze these
>files on a daily basis and, as they mention, neither Norton nor McAfee
>pick up this file as a Trojan. Feel free to call me to discuss this problem.
>
>[McKyle]
>
>[Attached File: Zip32.dll]


 
Topic Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 Go to previous topicPrev TopicGo to next topicNext Topic
Download A Free Trial of Stylus Studio 6 XML Professional Edition Today! Powered by Stylus Studio, the world's leading XML IDE for XML, XSLT, XQuery, XML Schema, DTD, XPath, WSDL, XHTML, SQL/XML, and XML Mapping!  
go

Log In Options

Site Map | Privacy Policy | Terms of Use | Trademarks
Stylus Scoop XML Newsletter:
W3C Member
Stylus Studio® and DataDirect XQuery ™are from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2016 All Rights Reserved.