~pcwiz Posted August 1, 2008 Share Posted August 1, 2008 I am running Vista x64, and I tried to install Dreamweaver CS3 and about halfway through the install when it was installing Adobe Bridge CS3, it picked up a virus: C:\Program Files (x86)\Adobe\Adobe Bridge CS3\AdobeXMPScript.dll Infection: Win32:VapsupIL [Tri] Of course I aborted the installation and removed the offending files, but any idea why it would have triggered a virus alert? Link to comment https://www.insanelymac.com/forum/topic/118862-virus-in-dreamweaver-cs3/ Share on other sites More sharing options...
Colonel Posted August 1, 2008 Share Posted August 1, 2008 And from where did you acquire this copy of Dreamweaver...? Link to comment https://www.insanelymac.com/forum/topic/118862-virus-in-dreamweaver-cs3/#findComment-841753 Share on other sites More sharing options...
~pcwiz Posted August 1, 2008 Author Share Posted August 1, 2008 Adobe's site, its the trial version... Link to comment https://www.insanelymac.com/forum/topic/118862-virus-in-dreamweaver-cs3/#findComment-841755 Share on other sites More sharing options...
hegils Posted August 1, 2008 Share Posted August 1, 2008 I am having the same problem, but in PhotoshopCS3. C:\Program Files\Adobe\Adobe Bridge CS3\AdobeXMPScript.dll Win32:Vapsup-IL [Trj] Trojan Horse 080801-0, 01.08.2008 I got mine from ADOBE orginal CD. Link to comment https://www.insanelymac.com/forum/topic/118862-virus-in-dreamweaver-cs3/#findComment-841798 Share on other sites More sharing options...
~pcwiz Posted August 1, 2008 Author Share Posted August 1, 2008 Yeah, so this is with the Adobe Bridge component that gets installed with any CS3 app. Maybe its a false alarm, but I let the install finish, started up Dreamweaver, seemed to be fine but when I tried to quit it, the entire program crashed. I thought this was a bit weird, so I went in and tried to uninstall it, and it wouldn't uninstall! I ended up downloading the CS3Clean script from Adobe, I ran it, and it manually removed all CS3 components. It all sounds a bit fishy to me, I'm gonna run a virus scanner and see if anything unusual pops up. EDIT: Oh yeah and avast seems to find viruses in a lot of Adobe products. It detected a virus in a perfectly fine setup exe of Adobe Acrobat Reader version 6 or 7 (can't remember which) Link to comment https://www.insanelymac.com/forum/topic/118862-virus-in-dreamweaver-cs3/#findComment-841803 Share on other sites More sharing options...
FrankOS_Scripting Posted August 2, 2008 Share Posted August 2, 2008 If you read a bit, how an A-v works is very simple. The Av ex.: Nod32 scan the file. The scanner use is heuristic scanner (most of the time). Means when he scan xyz.dll, he check out if in the file if they're no lines of coding (like c+) similar to a virus stored in the Virus database (know in the past). That's very possible that Avast detects for one single line a potential line of malware. And bang, virus detected. False alert. Trojans are the most based on C+ btw. Adobe hit by second vulnerability More document software security worries. PDF software giant Adobe has released details of its second vulnerability in little over a week. The first, which was discovered in the company's PDF reader itself, was soon discovered to be less serious than initially believed; the second, a buffer overflow problem in the Adobe Download Manager, is described as 'highly critical' by security watchers at Secunia. Help Net Security August 2008 The earlier problem, affecting Adobe Acrobat 7 and Adobe Reader 7, was first thought to render the system vulnerable to remote access, but on further investigation by Adobe it was discovered that the most serious danger was of a crash in the product (see the Secunia alert here). The latest problem, first spotted by researchers at eEye Digital Security and TippingPoint's Zero Day Initiative, was reported to Adobe almost a month ago, and is now being disclosed in the wake of a fix release. The vulnerability could be used by malicious sites to gain remote system access, and all Adobe users are advised to ensure they update to the latest version. Full instructions are available from Adobe, here. Friday, 15 February 2008New Adobe Javascript virus - Acrobat 8.1.1 and earlier McAfee Avert Labs is tracking an active exploitation of a recently patched vulnerability in Adobe Acrobat Reader now in the wild. The current vulnerability can be embedded in a PDF file and manipulated through Adobe JavaScript. The first evidence of such maliciously crafted PDF files was posted to an Italian message forum from an alert administrator who noted that three of his workstations had been infected. Successful exploitation leads to the embedded JavaScript being executed on the victim's machine. The script attempts to download a Trojan from an IP address in the Netherlands. This exploit works for both browser-based and email attack vectors and affects the following Adobe products: Adobe Reader 8.1.1 and earlier versions Adobe Acrobat Professional, 3D, and Standard 8.1.1 and earlier versions Not quit sure of the safety of Adobe apps lol... Link to comment https://www.insanelymac.com/forum/topic/118862-virus-in-dreamweaver-cs3/#findComment-841966 Share on other sites More sharing options...
Recommended Posts