Trojan detected in download file. Great room.
Sweetleaf
Posts: 32
So I went to download the great room, and I got my antivirus program pop up a warning:-
Virus or unwanted program 'TR/Crypt.ULPM.Gen [trojan]'
detected in file \F7aytwTF.exe.part
What do I do next? My anti-virus program ate it.
Post edited by Sweetleaf on
Daz 3D is part of 
Connect
DAZ Productions, Inc.
7533 S Center View Ct #4664
West Jordan, UT 84084
Licensing Agreement | Terms of Service | Privacy Policy | EULA
© 2024 Daz Productions Inc. All Rights Reserved.
Comments
Norton ?
I have the same issues with the texture converter packs from Universe 3D. I use Avira Anti Vir and has set this items on ignore.
I use Antivir too.
I just had a bug on the forums too. It wouldn't let me log in. I hit the log in button and it would take me to my account dashboard, logged in. I navigated to the forums again and I was logged out here.
I had the same problem with those packs so I uninstalled them years ago. Norton kept giving me warnings.
I've been having that problem too. Lately the DAZ site has been acting weird. Going from the store to the forums has issues. The latest problem are the images on the product pages aren't working especially the ones where you click the right arrow to see all of them.
Whichever AV you use, any problem you encounter when downloading .exe files form DAZ 3D is going to be something to do with the heusistcs of your AV prigram. Many AV apps seem to be set on paranoid mode nowadays by default, and will balk at files they deem to new to them and thus unrecognised, rather than for any other reason.
I think it's more like 'tin-foil beanie' mode...paranoid mode doesn't automatically DELETE files, it quarantines them, TFB mode...deletes things without asking...
I think it's more like 'tin-foil beanie' mode...paranoid mode doesn't automatically DELETE files, it quarantines them, TFB mode...deletes things without asking...
I used to have this problem with nortons. It's one of the reasons I changed to kaspersky. You can go into the exclusions area and allow certain things to still run. I do this with kaspersky from time to time.
It's unlikely that downloads from DAZ are infected its just that nortons has it set up to pick up exe files that they aren't familiar with. It's like the message that pops up when you download that says. " this file is not frequently downloaded do you still wish to run it" .
...I've become so accustomed to restoring Daz installer downloads from quarantine, it is almost automatic now. I was actually shocked that none of the thirty-some-odd Teen5 Pro Bundle files tripped the warning (of course so many probably bought & downloaded them during the "Snowball Glitch Sale" before I did that Norton didn't consider them "untrusted" anymore).
Again, for me it's a small inconvenience considering my system has been kept clean and infection free all these years.
Kyoto,if you are using nortons could you please provide instructions how to get them out of quarantine. It's a while since I had nortons so I couldn't but it would be useful to have it in a thread that we can point to when people have these problems.
Thanks
Pen ( who is being attacked by a kitten as I type so please excuse any errors.)
Its not a bug its a feature of the new site, they like to make you do a digital dance routine just to spend money and read the forums.
Kyoto,if you are using nortons could you please provide instructions how to get them out of quarantine. It's a while since I had nortons so I couldn't but it would be useful to have it in a thread that we can point to when people have these problems.
Thanks
Pen ( who is being attacked by a kitten as I type so please excuse any errors.)
...basically you first need to open the Norton main screen: where there is a section titled "Computer Protection" with one of the options being "Quarantine". Click on that and it will bring up your "Security History" which lists everything that has been blocked and is currently in quarantine status. Scroll down until you find the entry for the particular Daz Installer (if you do this immediately after the download is flagged, it should be the top one on the list). After selecting the proper file from the list, go to the"Details Window" on the right where you will find a link titled "Options" under the "Recommended Action" field. Click on and it will bring up an "Options" pop up dialogue for the quarantined file which will list two choices: Restore" and 'Remove from History". Click on "Restore" and it will release the file to the location you originally intended to downloaded it to.
Of course you need to be extremely careful to select the correct quarantined file when doing this. Make sure the file's source is Daz3D and that the name matches that of the actual install.exe file. The last thing you want to do is release or "open the door to" something that is an actual threat to your system as Norton continually monitors all net traffic while you are online. There have been a few times I received notice of an attack attempt that was blocked even though I was on a "trusted" site.
Just to let everyone know, I have the full Norton IS 2013 suite so not sure if Norton AV handles this routine any differently.
Just a silly question (sorry left the tin foil at work)... I have never had a problem with DAZ files or any 3D content sold by Rendo, CP, RNDA or otherwise, but I have to ask:
Isn't it at least possible that antivirus programs could be right about a file on occasion?
There are a lot of different computers at DAZ, linked to the Internet and probably even each other. At least one has to believe that files are exchanged, emailed, added to the servers that provide downloads, and so forth.
I would suggest people at least test the file using other software, especially if your antivirus program does not typically react to DAZ installers.
PS: BTW, I don't use Norton. My antivirus has never reacted to a DAZ file before but it squawked about a few freebies I got elsewhere. ANd it was right. lol
...only since the most recent update of Norton did it begin flagging Daz installers for me and then only the latest version of the Daz .exe's for new content releases.
When this occurs the message I receive is that it is due to the fact there haven't been enough Norton users who have downloaded the product yet to establish its "trust" level. The previous series of installers as well as older ones don't trigger this alert, nor do .zip files. I have checked my system with a couple other malware utilities and everything is clean, so it is something in the structure of the .exe file as well as it's "newness" that causes Norton and other AVs to issue the false positives.
A good example was the Young Teens5 Pro Bundle. Though all the files use the newest .exe format, by the time I actually got to download everything (the day after I made the purchase) enough other people had already done so to satisfy Norton's criteria for "trustworthiness" and nothing was flagged.
The Teens5 situation was in a sense a "perfect storm" of a highly anticipated and long awaited product with a glitch in the site software that allowed it to be purchased as part of the Snowball Bundle deal. At one point during the day the store actually went offline due to server overload.
Thanks Kyoto, that will be really useful!
We really need a sticky thread with this for all the different anti virus software...at leastthe main ones.
I think it is very unlikely that DAZ would get infected but I suppose anything is possible and in the end it's up to the user to decide what they feel comfortable doing. I can only say in the seven years I've been downloading files from DAZ I've had no problems caused by their downloads.
Hey Pen, I used to follow the same method as Kyoto does, but recently discovered a slightly faster way. I'm on Win7 Pro and it slides in a small dialog box that says it's been removed, and at the bottom of that little dialog box is a link to "See Details" or "View Details" (don't recall which). If you click that link it will open one of Norton's screen's and at the bottom of that screen is a link to "Options" and the next page has two options, the first being "Restore". Click that and you're all set.
Hey Pen, I used to follow the same method as Kyoto does, but recently discovered a slightly faster way. I'm on Win7 Pro and it slides in a small dialog box that says it's been removed, and at the bottom of that little dialog box is a link to "See Details" or "View Details" (don't recall which). If you click that link it will open one of Norton's screen's and at the bottom of that screen is a link to "Options" and the next page has two options, the first being "Restore". Click that and you're all set.
Thanks Miss B! All hints and tips are welcome...I think it may be worth starting a new thread called Tips and HInts for problems with Anti Virus software. It would make it easier to find for newcomers...would either of you mind if I started a thread and included your hints?
Hugs
Pen
Hey Pen, I used to follow the same method as Kyoto does, but recently discovered a slightly faster way. I'm on Win7 Pro and it slides in a small dialog box that says it's been removed, and at the bottom of that little dialog box is a link to "See Details" or "View Details" (don't recall which). If you click that link it will open one of Norton's screen's and at the bottom of that screen is a link to "Options" and the next page has two options, the first being "Restore". Click that and you're all set.
...yeah, for the time being I'm still in XP32.
Though, have the new system up and running, just need to deal with a couple configuration issues then I can start installing everything else.
Technically "anything is possible" ... that's one of the reasons people will ask in the forums to see what's happening for others downloading the same file. Some folk have a 'sandbox' to test the files in too.
Actually I suspect first you'll need to redownload the file. .part indicates that the download is incomplete.
An incomplete download [esp of an .exe] will trigger warnings because they can bear remarkable resemblance to true problems. [according to my AV]
Don't froget, if you do redownload the file, before doing so clear your browser cache, otherwsie the partial download can stay in the cahce, and your browser will read that fragment, thus causing further download attempts to fail at the same point.
Thanks Miss B! All hints and tips are welcome...I think it may be worth starting a new thread called Tips and HInts for problems with Anti Virus software. It would make it easier to find for newcomers...would either of you mind if I started a thread and included your hints?
Hugs
PenI have a TIp.
use MS Security Essentials and you won't get these issues of false reports and it is free and we get regular definition updates via Windows Update. I know many here that use it and I started when it wasn't free. Only once have I been hit with malware and that was my fault not watching what I was clicking on. :)
Thanks Miss B! All hints and tips are welcome...I think it may be worth starting a new thread called Tips and HInts for problems with Anti Virus software. It would make it easier to find for newcomers...would either of you mind if I started a thread and included your hints?
Hugs
PenI have a TIp.
use MS Security Essentials and you won't get these issues of false reports and it is free and we get regular definition updates via Windows Update. I know many here that use it and I started when it wasn't free. Only once have I been hit with malware and that was my fault not watching what I was clicking on. :)
Thanks Pete! Once Miss B and Kyoto give me the ok I will start a new thread. Maybe if we're lucky it will get stickied. This topic comes up on a regular basis...
You don''t need an ok to start a new thread so go for it. :)
seconded
But is it okay to quote them without permission?