Hi
I’ve had the following Trojan Horse warning today:
File name: C:\Program Files\TrueCrypt\TrueCrypt.exe
Malware name: Win32:Swizzor-N [trj]
Malware type: Trojan Horse
VPS version: 081125-1, 25/11/2008
Can I assume this is a false positive? The executable hasn’t changed since March this year…
Geof
I have v5.1
I can now no longer run my truecrypt.exe executable… is this a result of some action by avast?
I get the message: “Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item”
Geof
Did you put it in the virus chest or did the standard shield blocked it?
I selected “No Action” - which I assumed meant that avast wouldn’t do anything…
I found VirScan’s results for the file and it appears to be false positive.
http://virscan.org/report/178e75aeb35c783e1d484f040d599848.html
GData uses two engines, one is avast!.
I’m having exactly the same results - and am a bit annoyed! My system depends on Truecrypt (version 6.1 in my case now but I think it was 6.0a which tripped the alarm) and I have to disable the on-access scanner to even allow me to re-install the program.
“No Action” button does NOT take no action! (That needs fixing guys)
The exact same thing happened to me this morning. I also choose to take “no action”. And I, too, cannot run TrueCrypt anymore. No action should be no action, I’m pretty annoyed I now can’t access my encrypted volume anymore! >:(
But apart from me being annoyed… How to repair this?
With you mate!
I paused the standard shield, then installed the latest Truecrypt and all seems to be well again.
You didn’t loose access to your existing encrypted volumes with the new TrueCrypt installation?
I discovered that simply turning off Avast is enough to make TrueCrypt working again. Without reinstall. However, once you turn Avast on again, it will raise the Trojan Horse alarm, and TrueCrypt.exe cannot be started anymore. If you have already mounted a volume, that volume stays mounted and accessible. Also, as long as you don’t close TrueCrypt, you can keep mounting and unmounting volumes with Avast running.
So basically, at this moment I have to switch off Avast when I want to start up TrueCrypt.
the dickdavies solution worked for me too.
turned off avast
upgraded from truecrypt 5.1 to 6.1
rebooted
all is well!
I use full system encryption, and the upgrade had no negative impact on this
Geof
ps - note that if you don’t turn off avast, you won’t be able to install the new version of truecrypt