[raytv]

Contemplating re-installing Creartor 9, I came across Roxio Knowledgebase article, "Invalid CD-Key" error when re-installing..."
Should you get this error you are directed to a patch: emc9rmv.zip. As instructed, I downloaded this to my desktop.
Having not decided if I am going to re-install, it sat there overnight.
This morning, my virus program auto-ran a scan and came up with this:
File: emc9rmv.zip; Result\Infection: Trojan horse Startpage.BLK; Path:Docs & Settings\my name\Desktop\emc9rmv.zip.

My virus program "healed" this item and removed it from my desktop.

What in the world is going on? How did this happen? Anything I did or didn't do?
Ray

[ggrussell]

Which Anitvirus? AVG has been finding false positives lately. If you update AVG, it goes away.

[gi7omy]

Actually in this case it alters a registry setting and all AV programs flag it as a 'generic Trojan' because that's how a Trojan operates

You need to disable the A/V for a few moments while you download and install the patch - it's NOT a Trojan despite what the AV may say

[raytv]

Which Anitvirus? AVG has been finding false positives lately. If you update AVG, it goes away.

Yes, AVG.
Thanks, guys. I'm relieved.
I just bought new Norton Internet Security yesterday. Time to install it.

[sknis]

Yes, AVG.
Thanks, guys. I'm relieved.
I just bought new Norton Internet Security yesterday. Time to install it.

There is a slight possibility that you may get that or another issue about "trial version" with Norton also. You might want to return it and then do some searches for other things that may work better and are less costly.

[gi7omy]

NIS should be fine really (even tho I had nothing but problems with the AV in 2006 and 2007 dying on me after a week or two).

It's Norton SystemWorks (the One Button Checkup/WinDoctor) that causes the 'trial version' problem

[raytv]

NIS should be fine really (even tho I had nothing but problems with the AV in 2006 and 2007 dying on me after a week or two).

It's Norton SystemWorks (the One Button Checkup/WinDoctor) that causes the 'trial version' problem

What? The trial version problem is caused by an anti-virus program?
I have seen the Knowledgebase warning of a re-install coming up as a trial version. But it doesn't say how to fix that.

[gi7omy]

No - NOT by the AV - what happens is the resgitry cleaner part of Norton WinDoctor deletes an entry in the registry causing the program to think it's a 'trial' version

There is NO, repeat NO problem using Norton Internet Security

[pantherburr]

Contemplating re-installing Creartor 9, I came across Roxio Knowledgebase article, "Invalid CD-Key" error when re-installing..."
Should you get this error you are directed to a patch: emc9rmv.zip. As instructed, I downloaded this to my desktop.
Having not decided if I am going to re-install, it sat there overnight.
This morning, my virus program auto-ran a scan and came up with this:
File: emc9rmv.zip; Result\Infection: Trojan horse Startpage.BLK; Path:Docs & Settings\my name\Desktop\emc9rmv.zip.

My virus program "healed" this item and removed it from my desktop.

What in the world is going on? How did this happen? Anything I did or didn't do?
Ray

Funny you mention this. I got the same thing with AVG, and when I looked at it, the only thing that this 'virus-Trojan' does is change you home page.

[gi7omy]

It's not a Trojan - honestly. What it does is to clean out registry entries left behind when you uninstall EMC9 prior to re-installing.

Because it deletes certain registry entries, almost every AV program flags it as a 'generic Trojan' because this is how Trojans behave.

To run it, you have to disable AV for the download (it only takes a very short time) and also when you run it after doing the uninstall. Once it has done its work, then turn the AV back on. (the AV will both block the download and also running it)

[WebDad]

I too discovered this "false negative" only yesterday. This morning AVG immediately informed me of the threat. When AVG is finished its full scan how should I handle this?

p.s. I've had nothing but grief with any flavour of Norton I've ever tried. Even including the version provided with Rogers HiSpeed Internet.

[gi7omy]

As I said before - turn off the AV while running the file and ONLY run the file AFTER you have done the uninstall from Add/Remove programs

[WebDad]

Yes, yes. I understand about shutting down AVG to download the zip & install the .exe. I was really just asking (off-hand) how to handle the "false negative" after AVG finishes. i.e. Move to vault? Ignore? Something else?

[Beerman]

Yes, yes. I understand about shutting down AVG to download the zip & install the .exe. I was really just asking (off-hand) how to handle the "false negative" after AVG finishes. i.e. Move to vault? Ignore? Something else?

Set it to ignore it and you shouldn't have to bother with it anymore. Although, when I get a major update from AVG, I find things I've ignored have to be set to ignore again.

[gi7omy]

You should only need to download it and run it once anyway

[REDWAGON]

I have been using Symantec's Norton Internet Security programs for years now and have never had any problems. I upgraded to NIS 2007 recently (my cost from the internet was way lower than the retail version at stores BTW, ($31.34) and can be installed on up to three (3) different computers) I have installed and un-installed several differnt EMC versions and have never had any security notices or "false" security issues.

Frank...

[gi7omy]

Frank, this particular problem is with emc9rmv.zip - because it deletes registry entries, it gets flagged as a Trojan

This post has been edited by gi7omy: 07 September 2007 - 10:11 AM

[jeanrosenfeld]

Norton AV also flags it: procedure is the same: disable NAV while downloading and running the app.