SDL Trados 2007 installation files contain Trojan.Blackmailer.10 virus! Thread poster: arterm
|
arterm Serbia Local time: 00:39 English to Russian
Dear Colleagues, I was reinstalling my fully legitimate SDL Trados 2007 and my DR. Web scanner reported that SDL Trados 2007 installation files contain Trojan.Blackmailer.10 virus. The same virus was found in in the program folder after installation. I have downloaded official Trados SP2 Freelance files from SDL.com website last week. Antivirus deletes the infected file and XLS files cant be saved from TagEditor anymore. Any... See more Dear Colleagues, I was reinstalling my fully legitimate SDL Trados 2007 and my DR. Web scanner reported that SDL Trados 2007 installation files contain Trojan.Blackmailer.10 virus. The same virus was found in in the program folder after installation. I have downloaded official Trados SP2 Freelance files from SDL.com website last week. Antivirus deletes the infected file and XLS files cant be saved from TagEditor anymore. Any suggestions or experience with this issue? Thank you in advance Arterm ▲ Collapse | | |
kimjasper Denmark Local time: 00:39 Member (2006) English to Danish + ... Contact SDL support | Sep 10, 2008 |
Hi Artem, If you suspect that there is a virus in installations files from SDL then I would recommend you to contact SDL support as soon as possible in order to get the issue resolved. Best regards Kim | | |
arterm Serbia Local time: 00:39 English to Russian TOPIC STARTER I would but SDL support is not Free of charge | Sep 10, 2008 |
I would but SDL support is not Free of charge I have to buy some support package from them to get any interaction. This is what is written on their website: You do not have a current Premium Software Maintenance Agreement. If you wish to use the online support portal and be able to interact with our team of experienced support engineers you need to have a valid Premium Software Maintenance Agreement. If you do not have one you will only be able to use the Knowledge Base.... See more I would but SDL support is not Free of charge I have to buy some support package from them to get any interaction. This is what is written on their website: You do not have a current Premium Software Maintenance Agreement. If you wish to use the online support portal and be able to interact with our team of experienced support engineers you need to have a valid Premium Software Maintenance Agreement. If you do not have one you will only be able to use the Knowledge Base. Buy an SDL Trados Technologies Premium Software Maintenance Agreement To purchase PSMA for your licenses please request a quotation. ▲ Collapse | | |
arterm Serbia Local time: 00:39 English to Russian TOPIC STARTER SingletonResource.exe file is infected also in Multiterm 2007 distribution | Sep 10, 2008 |
SingletonResource.exe file is infected also in Multiterm 2007 distribution I think that this is a new virus as it was not detected until the latest virus database update Please be aware of this issue | |
|
|
arterm Serbia Local time: 00:39 English to Russian TOPIC STARTER this virus is indded added today to the AV database | Sep 10, 2008 |
This means that virtually any user of SDL Trados 2007 Freelance might be infected! Can I somehow bring this to SLD attention? Or maybe someone at proz.com could? Other files on my machine are not affected only the SDL ones | | |
False alarm? | Sep 10, 2008 |
ARTEM SEDOV wrote: I was reinstalling my fully legitimate SDL Trados 2007 and my DR. Web scanner reported that SDL Trados 2007 installation files contain Trojan.Blackmailer.10 virus. The same virus was found in in the program folder after installation. I have downloaded official Trados SP2 Freelance files from SDL.com website last week. Antivirus deletes the infected file and XLS files cant be saved from TagEditor anymore. Any suggestions or experience with this issue? Are you sure it's not a false alarm? It happens. E.g. recently Trend Micro reported false positives in Windows system files http://www.theregister.co.uk/2008/09/08/trend_security_false_alarm I remember this kind of problems with Symantec, Nod32 and other tools... Send the quarantined file(s) to Dr Web guys and/or wait for updated signatures. Cheers GG | | |
arterm Serbia Local time: 00:39 English to Russian TOPIC STARTER we shall see | Sep 10, 2008 |
thanks for the hint | | |
False alarm? (2) | Sep 10, 2008 |
Grzegorz Gryc wrote: Are you sure it's not a false alarm? [/quote] BTW. I vaguely remember some Trados files were already detected some years ago by my antivirus software, I don't remember exactly, probably CA or Symantec (?). Trados is a copy protected software and the code may be deliberately obfuscated. In this case, some scaners (especially the heuristic ones) may report strange behavior and the file may be considered as infected. PS. I worked for a company using some smart software copy protection procedures, they had a damn bad day when a false positive was detected by Symantec 6 or 7 years ago Cheers GG
[Edited at 2008-09-10 08:58] | |
|
|
Happened with NOD 32 some time ago | Sep 10, 2008 |
I reported a similar situation some time ago. It was fixed by NOD 32. You might want to contact Trados and the maker of your antivirus software. Looks like a false alarm. | | |
arterm Serbia Local time: 00:39 English to Russian TOPIC STARTER reported this case to DR. Web | Sep 10, 2008 |
reported this case to DR. Web | | |
SDL Support Team... | Sep 10, 2008 |
Hello Artem, Yes, this is a false alarm. I would recommend following this up with DR Web as SDL Trados 2007 is not infected. Many Thanks, Gareth Powell SDL Support Team
[Edited at 2008-09-10 12:51] | | |
arterm Serbia Local time: 00:39 English to Russian TOPIC STARTER DRWEB claims they have fixed their database now after my report | Sep 10, 2008 |
DRWEB claims they have fixed their database now after my report SDL Support wrote: Hello Artem, Yes, this is a false alarm. I would recommend following this up with DR Web as SDL Trados 2007 is not infected. Many Thanks, Gareth Powell SDL Support Team
[Edited at 2008-09-10 12:51] | | |