DSDPlus DSDPlus Virus???

NC4AB

Member
Premium Subscriber
Joined
Sep 18, 2004
Messages
96
Location
Wallburg, NC
Windows Defender just flagged DSDPlus.exe (version 2p448) for having a Win32/Phonzy.B!ml Trojan, just curious if anyone else had this show up and is it real or a false positive?
 

RaleighGuy

Member
Premium Subscriber
Joined
Jul 15, 2014
Messages
14,444
Location
Raleigh, NC
Windows Defender just flagged DSDPlus.exe (version 2p448) for having a Win32/Phonzy.B!ml Trojan, just curious if anyone else had this show up and is it real or a false positive?

Multiple virus scans have said all files in the zip folder are fine, as long as you downloaded it through the DSD program you'll be fine, if you got it anywhere else that's on you.
 

NC4AB

Member
Premium Subscriber
Joined
Sep 18, 2004
Messages
96
Location
Wallburg, NC
Direct download through DSD+ FastLane, Windows Defender keeps flagging it as a Trojan. Running a Malwarebytes scan on it right now.

Andy
 

NC4AB

Member
Premium Subscriber
Joined
Sep 18, 2004
Messages
96
Location
Wallburg, NC
Weird - Defender flags 2p448 as a Trojan but not 2p444. A scan with Malwarebytes says both files are fine.
 

mciupa

Canadian DB Admin
Moderator
Joined
Nov 5, 2002
Messages
8,557
Location
I'm here a lot
On my Windows Defender, this is the threat I received with my 2.448 download.
Trojan:Win32/Sabsik.FL.A!ml Defender did its thing and quarantined it before my eyes.
It was this file in particular:
DSDPlus2p448\FMP24.exe . It had flagged that file as failing, so I downloaded the base file.
 
Last edited:

GTR8000

NY/NJ Database Guy
Database Admin
Joined
Oct 4, 2007
Messages
15,953
Location
BEE00
Interestingly, it's only flagging the original 2.448 executable as a threat, not the replacement 2.448 executable that was quietly released 24 hours later without any notification or version bump.

I've never had issues with DSD+ Fast Lane going back to 2017 or whenever it was first released, however since the author is "unknown" (to most, at least), I can certainly understand why some would be cautious. Running software from a largely unknown coder on one's primary PC does take a little bit of faith in the community being fairly large with no real issues ever being reported to date.
 

frazpo

Member
Premium Subscriber
Joined
Jan 14, 2007
Messages
1,477
Location
SW Mo
Interestingly, it's only flagging the original 2.448 executable as a threat, not the replacement 2.448 executable that was quietly released 24 hours later without any notification or version bump.
:unsure: Makes you wonder.
 

LimaZulu

Member
Joined
Jul 7, 2011
Messages
365
Sometumes, when you make a mistake in your code, which is not unusual and happens to everyone, you often create so called "access violation" which is basically trying to access memory that's not yours. Or in other words, memory that is out of the scope of your application. Such behavior is sometimes categorized as some kind of threat by anti virus softwares which is to be expected.
Not that I am trying to justify someone, I just want to give another point of view as to why you may want to release a new version as quickly as possible skipping all kind of notifications, version changes and so on.
 

jets1961

Member
Joined
Jan 21, 2002
Messages
240
I had false positives way back a few years ago, forget version number. But it was just that a false positive.
 
Top