There is good software that is provided free of charge to monitor and cure Trojan & Virus.

◈ ALYac Internet Security Pro

01. Employeed Triple Engines
* Uses Tera Engine(developed by ESTSecurity), Bitdefender, Sophos Engine
* Powerful detection of malicious codes

02. Less resource utilization through engine optimization and weight lightening
* Optimized Scanning Engine
* Less resource utilization through weight lightening

03. Smart Scanning and Minimizing False Positive
* Fast and efficient scanning based on the white list
* Fast scanning time
* Minimize false positives by using various criteria

04. Various OS Support
* Full support for 64bit OS
* Full support for Windows 10

Free : https://en.estsecurity.com/product/alyac
Thanks To : https://www.onca3535.com

https://game.giveawayoftheday.com/mountain-crime-requital-2/ is being blocked by Malwarebytes. I know the site works hard to keep the downloads safe, and it's probably a false positive, but where the installers also have false flags from other A V Programs, if this is also a false positive, maybe it's time to look into a different format for the installers so we don't have to strip out computers of all protection to be able to install the software.

It's almost certainly a false positive.

As I understand your post, you installed SIW (System Information for Windows) in January 2015 (or maybe Apr 2014) in a system running Windows 7 and some security software. Presumably, you ran periodic virus scans on the old system and, if not, it's a fair bet that somebody who installed the software ran a virus scan with no reported problems. Then, later, you upgraded to Windows 10 with its security software and the new security software found an issue. The only things that changed were the OS and the virus scanner you used, the file stayed the same.

It's common for one anti-virus program to find stuff that other programs "missed". If you know you're going to change A/V programs it's a good idea to run a full scan before you change and another full scan after the change to get the false positives out of the way.

If you want greater peace of mind, retrieve the file from quarantine and send it to the links Anonymous provided above: http://www.virustotal.com/ and/or http://virusscan.jotti.org/en-gb

Microsoft Windows Defender just quarantined the following: SIW gotd\unins000.exe

I had just uninstalled this program yesterday. I'm running Windows 10 Pro and program was originally installed on Windows 7 Pro.

Norton Internet Security sees Altercam 1.5 setup/install files as SONAR.SuspBeh!gen3 and promptly removes the software.

Altercam looks like it was developed using a Visioforge SDK -- IOW that's the company that Altercam's developers licensed the video-related code from. Don't see anything bad Googling on different terms including visioforge -- they're even listed on Microsoft's dev site. Since it was heuristic behavior analysis that flagged it, IMHO maybe something dual-use that could be used by good software as well as bad, e.g. hooking. Microsoft's Security Essentials & Bitdefender both give Altercam a green light.

While it's too late of course to do anything about it [the GOTD was different than the trial download], maybe a good future strategy when/if that sort of thing happens might be to check the trial download with Norton too. If it doesn't object, it probably doesn't like the GOTD wrapper. If it does flag the trial you could submit it to as many on-line AV scanners as you wanted.

Norton Internet Security sees Altercam 1.5 setup/install files as SONAR.SuspBeh!gen3 and promptly removes the software. It is actually the SONAR heuristic detection that detected/removed it:

http://www.symantec.com/security_response/writeup.jsp?docid=2013-111415-1843-99

I think I'm getting a false positive, but I can't be sure. I tried to install AthTek Registry Cleaner and Norton said there was a trojan virus in it. Now, if someone can reassure me there is no threat, I can disable Norton and go ahead with the installation. Please, if you were able to download this with Norton, let me know.

Thanks so much,
Judy

@ Please see the new project intended to fix...

It seems the link Jeremy Collake posted is no longer valid.

In case you have problems with False Positives you may find following article from gizmo's Techsupportalert helpful:

http://www.techsupportalert.com/content/how-report-malware-or-false-positives-multiple-antivirus-vendors.htm

The links posted by anonymous three years ago are still valid, only false positive report.com has gone. I will delete the comment to save confusion. :)

This site is no longer operational.

Please see the new project intended to fix and PREVENT false positive and mis-rated sites through TRANSPARENCY and ACCOUNTABILITY. By submitting reports to a CENTRAL location, security vendors can find them easily, communicate with affected parties, and USERS can see which security vendors are trying to AVOID COLLATERAL DAMAGE.

Remember, once a false positive or mis-rating happens, the damage is already done. So, in addition to fixing them rapidly, security vendors must be interested in working to AVOID them. Some are, some aren't. This non-profit, all volunteer site will help show which security vendors care the most.

Please see: http://falsepositivereport.com

...EDITED... by graylox 31-07-2014

It seems the link Jeremy Collake posted is no longer valid.

In case you have problems with False Positives you may find following article from gizmo's Techsupportalert helpful:

http://www.techsupportalert.com/content/how-report-malware-or-false-positives-multiple-antivirus-vendors.htm

http://www.virustotal.com/

http://virusscan.jotti.org/en-gb

scan on line and see if it virus or not

Ho appena installato "Immagine Downloader" ed è stato consigliato dal mio AVG is 9.0
che conteneva un malware.
uso windows 7 sp1.
l'antivirus è aggiornato,l'ultimo aggiornamento è stato fatto oggi,il 17\2011

Hi,
I just installed "Picture Downloader" and was advised by my AVG Anti-Virus Free software that it contained a trojan horse.

1) I use AVG Anti-Virus Free 9.0.901 with virus database 271.1.1/3737
2) PD.exe contained a Trojan horse called SHeur3.CHKN
3) I'm running Windows Vista SP2

My scanner signature/database is up to date and current.

I have the very same Malware message as Samizdat, except with Google Chrome right after downloading Photostitcher, and it ultimately prevented me from accessing internet with ANY browser. Turned out I had a nasty virus in OS that required reimage.

noscript, you don't need flashblock as noscript will stop flash as for uninstall firefox with revo uninstaller, I don't like as no need and you can refit firefox and it will pick up all the old ad-ons if you think ad-ons are bad you can click Help Restart with Add-ons Disabled test and add one at a time to find the bad one

hi AP.

maybe i'm of some help. excuse me if i post something that has already been posted by someone.

first of all. check if you has a multiple AV/antispyware with resident shield enabled.

if you have it disable ALL (SO WE CAN VIEW if it's their fault)

i've read you has AVG 2011. it has done the same thing to me. check the quarantine and disable the check of the web temporarily. the try again. if it's fault of avg who checks and quarantine the files probably you pc has been infected by some malware who infect all the files you download (and so you avg quarantine it)

check even your zero day protection sw (generally it acts in background) particularly if you use threathfire (very good but invasive)

however i don't think is this the reason. yeah. all this was a preliminary check to exlude the most common reason and establish you pc is sane (check also with malwarebytes, spyware doctor and super antispyware in a row).

i think indeed you use firefox with a lot of security extension malconfigured.

for example noscript, adkiller, flashblock, flasblock, betterprivacy and ghostery

all this very useful extension are designed to "monitor and eventually block java content in some way. you see ... the download is performed by a script and so if you has malconfigured your extension these can conflict each other.

try disabling ALL reboot your firefox (or chrome) and try to download again.

it can be also a fault in the updating of your firefox. i love firefox is my favourite browser but he can be erratic in his update process. ultimately if all fails try to uninstall firefox with revo uninstaller (which removes all trace of the sw with the last option) and reinstall firefox. then try to download if all is fine was a updating error. now reinstall your extension and configure them one by one trying if there is a download issue.

hoping to help.

update now look's like false positives. may be in a few days all good with a update

http://www.virustotal.com/file-scan/report.html?id=28c3e2aa9c5e67cf6f41e00eee10e7f5b588964fbb24485ce9a6c5ceca5a579e-1306014612

File name:ASTROAVENGER.EXE
Submission date:2011-05-21 21:50:12 (UTC)
Result:2 /42 (4.8%)
ClamAV and Ikarus are not good.

Well NoVirus has only 6 test tools yet.
I have tested with VirusTotal and got 3 red out of 43.

http://www.virustotal.com/file-scan/report.html?id=28c3e2aa9c5e67cf6f41e00eee10e7f5b588964fbb24485ce9a6c5ceca5a579e-1305967450

And this is the report of Jotti's Malwarescan.
http://virusscan.jotti.org/en/scanresult/b14b37d74fdfbc33344223923f9616cf3cad081e

You can be sure, that these three are false positives.

GOTD always scans the packages their give away - otherwise it would be a bad reputation.
Please read the FAQ: Viruses detection

graylox

Hi,

sorry for my bad english (I'm german^^).
Today I've downloaded "Astro Avenger" and my virus scanner told me that "AstroAvenger.exe" is spyware. I'm using "Ashampoo Anti-Malware".

Further informations:
System: Win7 64bit

File Info

Report date: 2011-05-21 17:44:41 (GMT 1)
File name: astroavenger-exe
File size: 1785856 bytes
MD5 Hash: 590dbdb889fb347a71372f70f75e570f
SHA1 Hash: 4e69d6b78858a3e81a3db4d56722b1e75e215713
Detection rate: 2 on 6 (33%)
Status: INFECTED

Detections

AVG - [/color]
Avira AntiVir - [color=red]
ClamAV - [/color]
Emsisoft - [color=red]Trojan.Win32.Buzus!IK
TrendMicro - [/color]
Zoner - [color=red]Trojan.Ardamax.JLF

Scan report generated by
NoVirusThanks.org

Yours Sincerely
Mark

had Malwarebytes said bad Adware on my Antivirus so I said fix it and it take off the ad for %30 off Price to buy may be some ad's not so bad ?

Like I said, I hope GOTD would contact fireheart and maybe even scan it with Malwarebytes' Anti-Malware first.

It's Fireheart that ultimately should contact Malwarebytes who pride themselves in finding malware that other programs don't find.

I have the #1 AV as rated by AV-Comparatives.org (F-Secure) and it didn't find anything.

It's funny how people give positive reviews of anti-malware products as 'It found malware that other programs didn't!' yet when one of the top #2 'second line of defense' anti-malware products finds something, it's discarded because other programs didn't find anything.

Like I stated earlier, adware doesn't scare me and I left it on my computer. My wife loves it and uses it at start-up on hers, but I think GOTD should notify Fireheart that a leading anti-malware program is reporting a product they distributed as malicious. That's not asking too much. I could understand blowing this off if some unknown program found it but this is a respected product. It's in both companies best interest that they communicate about this.

A lot of people would have just let malwarebytes remove the program and left a nasty revie of GOTD at WOT. This was just a friendly FYI that I thought would be appreciated and handled swiftly. I guess I will email Fireheart. Sigh :-)

PS - I noticed the 01-11-2011 giveaway, Inpaint's registration has already expired. I wonder where I post that info. It will clean up pics but when you try to save it it tell you to purchase it now. Shame...I liked that program.

Hotdoge I don't know what scan you have posted - the link is broken, therefore I deleted it.

This is the scan of fireheart.exe by VirusTotal: fireheart.exe

File name:
fireheart.exe
Submission date:
2011-05-11 04:22:01 (UTC)
Current status:
finished
Result:
0 /42 (0.0%)

And this is the scan on the NoVirusThanks site UrlVoid: fireheart-exe

File Info

Report date: 2011-05-15 04:41:56 (GMT 1)
File name: fireheart-exe
File size: 2316800 bytes
MD5 Hash: d2c8013aef802756c6d01291de827868
SHA1 Hash: 2bf8050d10a0d6178dd54d3d5edfef31c767071d
Detection rate: 0 on 6 (0%)
Status: CLEAN

Detections

AVG - [/color]
Avira AntiVir - [color=red]
ClamAV - [/color]
Emsisoft - [color=red]
TrendMicro - [/color]
Zoner - [color=red]

Scan report generated by
NoVirusThanks.org

graylox

@ samizdat
We didn't get any other report about this issue. GOTD scans all their zip files before they release them.
I too have installed this programme and scanned with several AV & AntiMalware tools and didn't find anything.
It is most likely a false positive, you should report it to Malwarebytes' Anti-Malware as it is related to your system and you have the log file.

graylox

hotdoge3, VirusTotal doesn't find anything but those programs are looking for viruses. Yes, some find adware but Malwarebytes' Anti-Malware, Ad-Aware, SuperAntiSpyware, etc. are different from anti-viruses in their approach to finding malware and adware. This may be a false positive but I thought I would bring it to the attention of giveawayoftheday.com since they distributed the software and Malwarebytes' Anti-Malware is one of the top three 2nd line of defense in malware and adware.

As for symptoms on my computer? I just use Firefox with several ad-ons to block ads and pop-ups. I haven't seen an internet ad or pop-up in a long time, so, even if I was infected, I wouldn't see any symptoms.

The best thing to do would be for GOTD to contact the software company, notify them of the detection and if it's a false positive, Malwarebytes' Anti-Malware will correct this. Adware doesn't scare me so I left it on my system but hopefully, in a week, my scan results will be different.

That Found Malware ? Looks like Adware to me not that bad PC do you get Adware pop-ups ?
try as scan with,
http://www.virustotal.com/

or

http://virusscan.jotti.org

Subject: Fire Heart Desktop Gadget
Giveaway Date: 05-01-11
OS: Windows 7 x64
Program That Found Malware: Malwarebytes' Anti-Malware (Using Full Scan)
Results: Adaware.Dropper

Has anyone experienced any virus/trojan issues with an GOTD programs lately? Last thing I downloaded was the PhotoStitcher on 5/2/11, and after that I got hit something that invaded my entire OS. It looked like a virus alert & kept me from even using any browsers. Had to reimage my hard drive even after trying to clean it up. I don't download much & am very careful about what I do download or click on. I realize it could have been attached to something else for a period of time before activating. Just investigating to figure out where it came from...

not fix only update & update next windows 8 come & it not be fix as well

http://www.microsoft.com/technet/security/bulletin/MS11-029.mspx?pubDate=2011-04-12

Microsoft Security Bulletin MS11-029 - Critical
Vulnerability in GDI+ Could Allow Remote Code Execution (2489979)
Published: April 12, 2011

and good luck with finding the file to download all you get it will up date with luck on my PC Agent Ransack find PS NEW Setup 12 February 2011 and all auto updates XPsp3 fist .NET Framework 1.1 & 2 a no to 3 , 3.5 & 4 not like.

C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\gdiplus.dll 1,606.00 KB 20/03/2009 10:10:46 a.m.(ver 5.1.3102.1360)
5.1.3102.1360 (xpsp2.040109-1800) gdiplus (Free ashampoo WinOptimizer 6 Timestamp Friday, 20 March 2009 ashampoo GmbH & Co. KG)

C:\WINDOWS\system32\gdiplus.dll 1,667.00 KB 25/07/2010 9:23:22 p.m.

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\GdiPlus.dll 1,661.00 KB 28/08/2010 8:35:48 p.m.

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll 1,684.00 KB 28/08/2010 8:35:54 p.m.

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll 1,708.00 KB 14/08/2009 1:55:04 a.m.

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll 1,708.00 KB 23/10/2010 12:51:27 p.m.

DANGER: GDI+/JPEG Vulnerability - Yes, Again in 2011

(Here's the utter joke)
Microsoft Security Bulletin MS04-028
Issued: September 14, 2004
Updated: December 14, 2004
Version: 3.0
(/end joke)

Today is Saturday, April 16th, 2011 and yes I am referencing a document from BACK IN 2004 !

I'm going to bet everyone reading this on the forum (bar the few who still have gdiscan.exe from SANS), has this Vulnerability again, Yes I said Again. Even though you patched up on patch Tuesday several years ago, the chances are pretty high you have this same vulnerability again, and it's again a ticking time bomb. And the sad part is there's no simple patch then, today, nor into the future.

Just a scan from my own system, and I came up with these.

C:\Program Files\Alchemy Mindworks\Pagan Daybook 3\GDIPLUS.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\CS Odessa\ConceptDraw 7 Professional\gdiplus.dll
Version: 5.1.3079.3 <-- Vulnerable version
C:\Program Files\Daniusoft\Video Converter\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\iSkysoft\FLV Converter\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Maizesoft\Maize Studio\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Pinnacle\VideoSpin\Programs\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Power CD DVD Recovery\GdiPlus.dll
Version: 5.1.3101.0 <-- Vulnerable version
C:\Program Files\TVUPlayer\GDIPLUS.DLL
Version: 6.0.3260.0 <-- Vulnerable version

As you can see some of these came from right here on GOTD / GGOTD
While, nothing sinister there, what is sinister is some of these are media related, and could have zapped me.

I have some opinion, then I will give the fix -- for now, I say for now, because who knows what happens EVERY TIME YOU INSTALL SOMETHING I GUESS WE NEED TO RESCAN?!

I post here in hopes that the software developers can be forced to get the message. And at the same time it's not an excuse to upgrade to a new version. Each of these developers ought to provide a fix, without an upgrade! This is important, as it should not be allowed to punish the users (with an upgraded, and now non-functional de-registered vaporware trial) because of their own sloppy mistakes and work!

The second thing here is the Microsoft end of the deal beginning with their lame excuse for a fix. http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx
Frankly at this point I would not even go to Microsoft for the fix, because god only knows what you might do to your system. Yet, We need to go there for the fix. Yeah psyop mind game I hear ya, that's what I call it too..

What We need from Microsoft is the file gdiplus.dll that's it. Go Get it. Extract it, get that file gdiplus.dll your going to copy it to each place the scanner found.
http://www.microsoft.com/downloads/en/details.aspx?FamilyId=6A63AB9C-DF12-4D41-933C-BE590FEAA05A&displaylang=en&pf=true

Then there's the SANS Scanner. Wonderful they pumped the tool out during all the confusion back in the day. But then for some unknown reason for a few years, it was unavailable. I mean literally a 404 error. Then suddenly today in 2011 I noticed it's back again from the twilight zone. http://isc.sans.edu/tools/gdiscan.html You want to download the GUI cause it will just make things simpler.

Okay, you have your scanner, you have the file to fix the files scanned.
You run your scanner, you rename the existing files to something else gdiplus.dll to gdiplus.dll.JUNK Pick your own named system, I don't care, delete them if you want. If you backup, then you can rollback if need be, but I don't have a need personally, so I would just delete for security sake. Then copy the new gdiplus.dll to the same directory. Rescan, Rinse, Repeat until the errors are gone.

I'm sure I'm missing something, and so you are welcome to fill in the blanks. It really is lame that I have to even take the time to bring this to people's attention, but what can I say, I just found it, what am I to do, be quiet about it, watch as my friends get zapped by it? If this thing doesn't work in your Windows 7, I don't know what to tell you to do, try setting the compatibility mode to XP, or else upgrade to WIN XP SP3 (Yeah, I am being very sarcastic.)

URL / TOOLS / RECAP
-------------------

Well laid out fix Info. Helps to understand what's happening.
http://www.lafn.org/webconnect/mentor/GdiJpegVulnerability/index.html

GDI Scan (tool) from SANS
http://isc.sans.edu/tools/gdiscan.html

Microsoft Security Bulletin MS04-028 Horribly laid out info, adds confusion.
http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx

Platform SDK Redistributable: GDI+
http://www.microsoft.com/downloads/en/details.aspx?FamilyId=6A63AB9C-DF12-4D41-933C-BE590FEAA05A&displaylang=en&pf=true

In any effect, Go patch up, your welcome, enjoy! , or not. ;o)