
Kudos0

SYSTWEAK = TROJAN.GEN.2

I just tried to use a duplicate photo remover from “SYSTWEAK” / “CLEVERBRIDGE”.

Prior to executing the download, NORTON quarantined and removed the executable software.

Norton found a high security risk called “TROJAN.GEN.2”.

Labels: Auto-Protect

Replies

Kudos1 Stats

Re: SYSTWEAK = TROJAN.GEN.2

Hi DANIEL PRINDIVILLE:

Trojan.Gen.2 is a low risk generic detection that Symantec uses to flag files that exhibit some sort of suspicious behaviour that is characteristic of other known trojans (e.g., code that could create a backdoor that allows your PC to be remotely controlled) even though Symantec does not have definitive evidence that the file is actually malicious.  The full write-up for Trojan.Gen.2 is posted in Symantec's A - Z Listing of Threats & Risks at http://www.symantec.com/security_response/writeup.jsp?docid=2011-082216-3542-99.

The herdProtect report for Systweak's Duplicate Photos Fixer Pro installer (dpfsetup.exe) at https://www.herdprotect.com/dpfsetup.exe-1c1cc970c8c9ab16367e1d998f3034eac74e06d3.aspx indicates that several different antivirus scan engines have detected PUPs (potentially unwanted programs) bundled inside Systweak installers that could be installed on your computer when you run their .exe file.  PUPs cover a wide range of unwanted software such as adware, browser hijackers, etc. and the Download Insight feature of your Norton product likely detected one of these bundled PUPs in your installer.

Please see gablegal's thread Trojan.Swifi? for instructions on how to find and submit the SHA-256 hash (digital fingerprint) of your quarantined Systweak installer to VirusTotal to see if other antivirus engines (e.g., AVG, Bitdefender, Kaspersky, etc.) confirm that your file is malicious/suspicious.  If VirusTotal reports a low detection rate (e.g., 0/54 or 1/54) for this executable you can be relatively confident that your particular installer is not malicious, and you can submit a false positive report to Symantec at https://submit.symantec.com/false_positive/.  If Symantec confirms the installer is safe they will add it to their whitelist of trusted files and ensure that Download Insight will no longer quarantine your installer.
-------------
32-bit Vista Home Premium SP2 * Firefox v42.0 * NIS (2014) v21.7.0.11 * MBAM Premium v2.2.0
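
The check described in the reply above, as an added example that is not part of the original post or of any Norton or VirusTotal tooling: it computes a file's SHA-256 and reduces a VirusTotal API v3 file report to a detection ratio, separating PUP-style labels from other detections. The engine names, labels and `PUP_MARKERS` list are constructed for illustration; the report uses the `last_analysis_results` field of the v3 file object.

```python
import hashlib

# Substrings engines often use in labels for potentially unwanted programs.
# Heuristic list assumed for this example, not a vendor standard.
PUP_MARKERS = ("pup", "pua", "adware", "unwanted", "bundler", "riskware")
VERDICTS = ("malicious", "suspicious", "harmless", "undetected")

def sha256_of_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so a large installer is never fully in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def summarize_report(report):
    """Reduce a VirusTotal v3 file report to a ratio and grouped labels."""
    results = report["data"]["attributes"]["last_analysis_results"]
    # Engines that timed out or do not support the file type gave no verdict,
    # so they are left out of the denominator.
    scanned = {e: r for e, r in results.items() if r["category"] in VERDICTS}
    flagged = {e: r["result"] or "" for e, r in scanned.items()
               if r["category"] in ("malicious", "suspicious")}
    pup = {e: label for e, label in flagged.items()
           if any(m in label.lower() for m in PUP_MARKERS)}
    other = {e: label for e, label in flagged.items() if e not in pup}
    return {"ratio": f"{len(flagged)}/{len(scanned)}", "pup": pup, "other": other}

# Constructed sample report: hypothetical engines and labels.
SAMPLE_REPORT = {"data": {"attributes": {"last_analysis_results": {
    "EngineA": {"category": "malicious", "result": "PUP.Optional.Bundle"},
    "EngineB": {"category": "malicious", "result": "Trojan.Gen.2"},
    "EngineC": {"category": "undetected", "result": None},
    "EngineD": {"category": "type-unsupported", "result": None},
    "EngineE": {"category": "suspicious", "result": "Adware.Generic"},
    "EngineF": {"category": "undetected", "result": None},
}}}}

if __name__ == "__main__":
    summary = summarize_report(SAMPLE_REPORT)
    print("detection ratio:", summary["ratio"])
    print("PUP-style labels:", summary["pup"])
    print("other detections:", summary["other"])
```

A report where every flagged label lands in the PUP group points to bundled unwanted software rather than a confirmed trojan, which is the distinction the reply draws.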

Kudos0

Re: SYSTWEAK = TROJAN.GEN.2

Excellent response ... KUDOS.  But ...

"PUPs cover a wide range of unwanted software such as adware, browser hijackers, etc."

Then how do we get Bing to stop its hijacking?  Wrong forum?  Where do we complain? M$?  Can't say?  Won't say?

As a "Norton Fighter", openly sending someone to Virus Total (a Google company) is like saying "We give up.  What do you think we are ...   an AV company?"  [Not good.  Shame on you.]  But I guess that's what things have come to.  I would have PMed that advice, but I give you credit for being honest.

"... you can submit a false positive report to Symantec ..."

Once again, another software company letting the Customer do its R&D.  [Slick, but shameful.]

I '86ed' SysInternals a long time ago for 2 reasons:  [1] It was a 'half-baked' M$ utilities project (and still is) that caused more problems than it solved.  [2] Virus Total was a part of it, and I already HAVE a good AV... or at least I thought I did.   - Art

[PS:  Art is having a really bad day.  ]

Words of Wisdom: ["THE ROAD TO HELL IS PAVED WITH GOOD INTENTIONS"] - Grandparents [There has never been an original thought.] - Someone, I'm sure [I've spent my whole life 'polishing turds'] - Me
Kudos0

Re: SYSTWEAK = TROJAN.GEN.2

Article_86,
While I do not share your negatives regarding VirusTotal or Sysinternals, I'm confused why you reference Sysinternals.
Systweak Software is a software developer located in Jaipur, Rajasthan in India*. Software developed by Systweak Software has been typically classified as potentially unwanted software.

Kudos0

Re: SYSTWEAK = TROJAN.GEN.2

Article_86:

Then how do we get Bing to stop its hijacking? 

Deselect "Make Bing my search engine" when updating Skype, for one thing.

Article_86:

As a "Norton Fighter", openly sending someone to Virus Total (a Google company) is like saying "We give up.  What do you think we are ...   an AV company?"  [Not good.  Shame on you.]  But I guess that's what things have come to.  I would have PMed that advice, but I give you credit for being honest.

VirusTotal is an extremely useful aggregator of information.  I am not sure why you would think advising someone to check a file at Virus Total would reflect negatively on Symantec.  Symantec is a participant in VirusTotal.  There is never any harm in getting a second opinion (or in the case of VirusTotal, a 22nd opinion) - it's recommended all the time.

Kudos0

Re: SYSTWEAK = TROJAN.GEN.2

yank -

Don't you ever get tired of proving me wrong? 

"Deselect "Make Bing my search engine" when updating Skype, for one thing."

I think that something has changed with Bing.  Previously, if my memory serves me (and often it doesn't), after M$ acquired Skype they added cookies for M$ M$N and Bing w/ no option.  To clarify, with the help of M$ updates,  they enabled Bing to 'hijack' the Default Search Engine and it could not be changed in M$ IE settings.  The default settings were inoperable and it took quite a lot of 'cleaning' to uproot (at least for me) ...  and provided a great way to accumulate metadata.  It was like that for quite a while and spurred me to 'shout from the rooftops' about it.  That has now changed.  I am sure that M$ and their "partners" spend an inordinate amount of time developing other, more sophisticated ways of doing that and the efforts will not end until there is a dramatic shift in today's societal paradigms.  One such vehicle would be mass extinction, either globally or selectively.  A revolutionary concept?  Hardly, IMO.  That day is not far away.  But that's a different story ... or is it?  That's 'where I'm coming from'.

"VirusTotal is an extremely useful aggregator of information."

I was totally unaware (as usual) of the 'partnership' between the two.  I jumped to conclusions, once again.  Thanks for 'keeping me honest'!   However, the 'scuttlebutt' at the time was that their 'aggregation of information' was more insidious than was reported to the public. [Big surprise there, huh?]  As for me, I know that people think that I'm paranoid, but the question is: am I paranoid enough?  Remember "1984"?  Not the year, but the movie.  I was at University when it was released and it really 'shook people up', and 'lifted the veil' from my eyes.  That dude 'hit the nail right on the head'.  Vigilance, my friend.  Vigilance.  - Art  "Who knows what evil lurks in the heart of man.  The Shadow knows."  Thanks for 'throwing that softball'! hehehe  - Art

Kudos0

Re: SYSTWEAK = TROJAN.GEN.2

Yank hasn't posted in this thread.  

Windows 10 x64 1903
Kudos0

Re: SYSTWEAK = TROJAN.GEN.2

yank-?????????????
