Welcome, Guest. Please Login or Register.
Search
Members
Login
Register
   Mischel Internet Security Forum
   TrojanHunter
   TrojanHunter Guard (Moderators: Helena, Gavin_Coe, Magnus)
   Trojan Detected in FastStone Capture		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: Trojan Detected in FastStone Capture  (Read 1579 times)
mrainey
Newbie
*



I love YaBB 1G - SP1!

   


Posts: 13
Trojan Detected in FastStone Capture
« on: Mar 21st, 2009, 4:15am »		 Quote Quote  Modify Modify
FastStone added a screen capture feature to Capture v6.3.  TH Guard detects TrojanSpy.Agent.288 when I try to use the new feature.  Clicking Clean gets me the following:
 
Cleaning module FSRecMH.DLL in process FSRecorder.exe
Module FSRecMH.DLL successfully unloaded from process FSRecorder.exe (3600)
Unable to quarantine file C:\Program Files\FastStone Capture\FSRecMH.DLL: Scheduling file to be quarantined when computer is restarted
Trojan cleaning finished.
 
 
I'm unable to fully utilize FastStone Capture.  Could you have a look at this as a possible false positive?
 
 
The program (portable version) can be downloaded here:
http://www.faststonesoft.net/DN/FSCapture63.zip
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 7358
Re: Trojan Detected in FastStone Capture
« Reply #1 on: Mar 21st, 2009, 4:28am »		 Quote Quote  Modify Modify
Sorry that you have encountered a False Positive.
 
Would you please submit file FSRecMH.DLL so that Gavin can correct the ruleset.  The link below describes how to submit a false positive.
 
http://www.misec.net/forum/board/FAQ/1211189968
 
It is preferred that the exact file from your system be submitted rather than Gavin downloading it from a website.  Your particular file may be different than the one downloaded from the site.  
 
You can also temporarily add FSRecMH.DLL to the TH Ignore list once you have confirmed via Jotti or VirusTotal that it appears to be clean.  
 
I'll email Gavin concerning your post here.  
« Last Edit: Mar 21st, 2009, 4:31am by siliconman01 » IP Logged
______
TrojanHunter V5.5.1002...No. 1 AT in my Book and on my Box(es)! Windows 7 x64 Professional on a Dell XPS 410, 8 gbyte RAM, dual WD VelociRaptors, dual 24" UltraSharp FPD monitors, Logitech 5.1 Surround Sound; Windows 7 x86 Professional on a Dell Vostro 220s, 4 gbyte RAM, dual WD VelociRaptors. Common: router, cable modem.
mrainey
Newbie
*



I love YaBB 1G - SP1!

   


Posts: 13
Re: Trojan Detected in FastStone Capture
« Reply #2 on: Mar 21st, 2009, 5:38am »		 Quote Quote  Modify Modify
I've submitted the files and other requested info.  Thanks very much.
IP Logged
Gavin_Coe
Trojan Analyst
*****





   
WWW  

Gender: male
 Posts: 3912
Re: Trojan Detected in FastStone Capture
« Reply #3 on: Mar 21st, 2009, 7:35pm »		 Quote Quote  Modify Modify
Hi, thanks for the email Smiley please update and this should be fixed
IP Logged
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »