11 replies to this topic

[Alter]

Hi Racers
New installation of GPL from scratch using the GPLworld installer. KAV moved iGOR.exe to quarantine because of Trojan.Win32.Snojan.bsbm. I doubt KAV is right. Any ideas?
Alter

[Yngwie]

It's a false positive. Put the .exe to the exception list of your AV or turn it off when driving.

[Alter]

Thank you. Thought it was a false too.
It' not easy to persuade KAV to leave iGOR.exe alone because it deletes or moves it to quarantine in seconds. You have to shut down KAV before.

Edited by Alter, Oct 12 2017 - 10:09 AM.

[Marx]

Interesting. My KAV detected exactly the same on my laptop today but my GPL installation is many years old. And I have been using KAV also for many years on the same laptop.

[gliebzeit]

KAV or any virus detection program will update its database regularly.  So, even if you've had KAV and GPL on a particular computer at some point in time a database update then may flag GPL.

[max640]

Hi all,

The same has happened to me with KAV.... but it deleted the two files (iGOR.exe and GEM 2.exe). Now Itry to play GPL again  and if I have problems I'll reinstall the GEM complete. There is no alternative.
Thanks to Danny in any case. I supposed it could be a false positive and now Ihave it confirmed.

[Alter]

Hi max640
In my case KAV didn't really delete the file. Maybe you find them in the quarantine directory to put them back to where they belong.
Alter

[Stefan Roess]

Kaspersky Internet Security has also put igor.exe to quarantine on my system.
I have added it to exceptions.

Edited by Stefan Roess, Oct 15 2017 - 01:45 PM.

[Saiph]

max640, on Oct 12 2017 - 01:55 PM, said:

...... if I have problems I'll reinstall the GEM complete. There is no alternative. ......

It's always a good idea to keep a backup of your GPL installation so you can restore individual files which may get corrupted or deleted for various reasons.

I used to work for McAfee as a software QA test engineer, testing the VirusScan anti-virus engine, and doing false alarm testing on new AV driver sets. It was fairly common for new anti-virus drivers to false alarm on older files. When you need to write a completely new class of anti-virus driver to cope with a new breed of malware (eg when network-infecting 'worms' appeared) it's easy to forget about the safeguards which prevent your AV from triggering on older files. That's where my testing came in. If a driver set false-alarmed on my test rig, it got passed back to the researchers with the details of the failure, and a smiley message saying "Try again guys!".

[SneakiestDuke68]

Hello,
I know that is old topic but i have information for users which use Kaspersky Anti-virus. I contacted with Kaspersky lab and i send them GEM package installer + GEM2.exe + IGOR.exe for check. Today kaspersky lab send me a message that was in a 101% false positive alarm and they fixed it in anti-virus. So, update anti-virus database and after this you can using GEM package installer, GEM2 and IGOR without disabling anti-virus. I tested it and kaspersky AV now no block this applications.
Greetings.

[fajanko]

Thank you Duke!

[Brocky05]

good to know thank you