Welcome, Guest. Please Login or Register.
Search
Members
Login
Register
   Mischel Internet Security Forum
   TrojanHunter
   False Positives (Moderators: Helena, Gavin_Coe, Magnus)
   (Fixed)  VoodooShield		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: (Fixed)  VoodooShield  (Read 174 times)
G3
Newbie
*





   


Posts: 20
(Fixed)  VoodooShield
« on: Feb 15th, 2012, 10:14pm »		 Quote Quote  Modify Modify
Reported yesterday through website but not fixed. The program folder is clean. It is a new anti-virus program.  
 
Suspicious registry entry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VoodooShield
Suspicious registry entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\VoodooShield
« Last Edit: Feb 18th, 2012, 12:39pm by siliconman01 » IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 7409
Re: VoodooShield
« Reply #1 on: Feb 16th, 2012, 12:33am »		 Quote Quote  Modify Modify
This "Suspicious registry entry" alert is happening because VoodooShield is being started in 2 different locations of the registry.....in the RUN keys of HKLM and again in HKCU.  It is not really a false positive detection.  TH is warning you that it has found 2 startup keys for the same program which is a common method of malware to ensure that a malware program gets started up.
IP Logged
______
TrojanHunter V5.5.1002...No. 1 AT in my Book and on my Box(es)! Windows 7 x64 Professional on a Dell XPS 410, 8 gbyte RAM, dual WD VelociRaptors, dual 24" UltraSharp FPD monitors, Logitech 5.1 Surround Sound; Windows 7 x86 Professional on a Dell Vostro 220s, 4 gbyte RAM, dual WD VelociRaptors. Common: router, cable modem.
Gavin_Coe
Trojan Analyst
*****





   
WWW  

Gender: male
 Posts: 4038
Re: VoodooShield
« Reply #2 on: Feb 16th, 2012, 9:17am »		 Quote Quote  Modify Modify
I'd suggest sending an email to support AT trojanhunter.com, Magnus will be able to adjust this detection
 
Not sure on the status of putting this on the ignore list, that would be handy too
IP Logged
G3
Newbie
*





   


Posts: 20
Re: VoodooShield
« Reply #3 on: Feb 16th, 2012, 11:07am »		 Quote Quote  Modify Modify
Sent E-mail to support. Strange that I have been running this program for several weeks and it is only in past 2 days that TH started detecting it as a generic trojan.
IP Logged
G3
Newbie
*





   


Posts: 20
Re: VoodooShield
« Reply #4 on: Feb 18th, 2012, 12:32pm »		 Quote Quote  Modify Modify
Problem solved, just E-mailed support:
 
Magnus – Please disregard support request. I discovered the problem.
 
I read today that VoodooShield adds only one registry entry. It may have changed during one of the Beta updates, and by installing new Beta over old one created second startup entry. I just did a clean install (of VoodooShield) and TrojanHunter no longer flags as a trorjan.
IP Logged
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »