Hello! Our company develops a torrent client. Unfortunately your antivirus detects our program as malicious or unwanted software Win32: MediaGet-J [PUP]
We do not spread the virus and are working on it. We ask us to explain the reasons for the detective, so we can fix for this and your clients can benefit from our program.
PUP is only a warning that you have a Possible Unwanted Program
PUP scan is default off in quick/full scan but on in boot scan
have you tested the program at virustotal.com ?
Hi there,seems Avast is correct
https://www.virustotal.com/file/1ad315aeca505b7e25d135216a3bda3e2426d3767a3388ff7dafd6d785cb6da9/analysis/1345645838/
Hi Left123,
This again could be the detection of the RunTime packer. These proggies are renowned for FP’s with for instance ClamAV that cannot really analyze the used protection as it should be done. The nature of the proggie also makes it easily will fall into the category PUP especially if you did not decided to put it on your machine yourself. MountClass gives it qualities as a heuristic Trojan Dropper find.
The mutexes used are reminiscent of those used in malware like Trojan Clicker, Adware.
CTF.LBES.MutexDefaultS-1-5-21-1275210071-920026266-1060284298-1003 (successful)
CTF.Compart.MutexDefaultS-1-5-21-1275210071-920026266-1060284298-1003 (successful)
CTF.Asm.MutexDefaultS-1-5-21-1275210071-920026266-1060284298-1003 (successful)
CTF.Layouts.MutexDefaultS-1-5-21-1275210071-920026266-1060284298-1003 (successful)
CTF.TMD.MutexDefaultS-1-5-21-1275210071-920026266-1060284298-1003 (successful)
More on target see: http://www.google.nl/search?q=mediaget-installer-singleapplication-mutex&sugexp=chrome,mod=19&sourceid=chrome&ie=UTF-8
Software has been checked from 15 May 2012 on MD5 40ECB09B9DA944B7E1697B4C7372BA76 (then seen as clean)
Here the bad, the good and the ugly, all lined up for you:
http://www.isthisfilesafe.com/filename/40ECB09B9DA944B7E1697B4C7372BA76_details.aspx?filename=40ECB09B9DA944B7E1697B4C7372BA76
polonus
Hi mediaGet,
If you feel this to be a FP PUP detection, you can report a possible FP here: http://www.avast.com/contact-form.php?loadStyles
Then you have to wait for the avast analysts to decide,
polonus
First seen by VirusTotal
2012-07-30 13:14:47 UTC ( 3 uker, 2 dager ago )
sigcheck
publisher…: MediaGet LLC
product…: mediaget-installer Module
internal name…: mediaget-installer
copyright…: Copyright (c) 2011 MediaGet LLC
original name…: mediaget-installer.exe
signing date…: 5:57 AM 7/30/2012
comments…: MediaGet installer
file version…: 1.0
signers…: Media Get LLC; UTN-USERFirst-Object
description…: MediaGet installer
also click the behavioural-info at the bottom of the VT scan
that may explain why it is detected as PUP
Hi Pondus,
I know this a quite recent new Free torrent client installer from MediaGet, the Russian and Ukrain based developers thereof. The FP and PUP detection is because of the nature of the product and the protection used, that will make that every time a new installer version is launched it will meet these false detections. Developers that work with Delphi open software had a lot of these false detections from time to time as protection can be used two ways as is with all tools. You can use a hammer to ruin and use a hammer to sculpt beautiful things,
polonus
This was the official response from DrWeb’s: http://news.drweb.com/?i=2205&c=5&lng=ru
This is about the use of a promotional affiliate program. DrWeb decided to flags it as Program.Mediaget e.g. Program.Mediaget.3,
see: http://v.virscan.org/Program.MediaGet.3.html
This software is not a virus or a Trojan. It is detected as a “potentially unwanted program” (PUP). PUPs are any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose, but they alter the security state of the computer on which they are installed, or the privacy posture of the user of the system, such that most users will want to be aware of them. See: http://online1.drweb.com/cache/?i=6fda80ff0497a3a0bdc82497275edb0e
polonus
Good day! Please explain to us the following point: the free version antivirus, downloaded from your site, did not find any sort of threat and mediaget in particular. However, our users report problems with the installation of programs and resources Virustotal MediaGet detect https://www.virustotal.com/file/40e0700e6469ccf212e1b4a0b23065da68f5397bff853f81db842aa788cd19e0/analysis/1346143065/
How can you explain this?
Regarding the information on the site of Dr. Web, they refer to the affiliate program, which we have long been over, because it proved to be ineffective.
Also, please specify how it is possible to remove the Detect Possible Unwanted Program.