I am running VS9 and have recently installed the DVD Video recorder 2.1 from the smart download tool. My problem is that I have since ran a virus scan (Norton AV 2004) and it has detected an file that it belives to be infected with adware. the file is E:\Program Files\Common Files\Ulead Systems\DVD\ulStreamCache.dll. NAV believes that this is Adware.Winshow but when i look up the registry keys that is says should be removed they do not exist. I do not think that this file is an adware threat but please can you confirm weather of not it is a ulead file, the file is 61,440 bytes and the version is 1.0.0.14.
Thank you
Adware threat???
Moderator: Ken Berry
-
THoff
-
RichardB
- Posts: 21
- Joined: Thu Apr 07, 2005 2:16 pm
- System_Drive: C
- 32bit or 64bit: 64 Bit
- motherboard: INTEL BGP6710J
- processor: INTEL i7 2700K 3.5GHz Quad Processor
- ram: 8GB
- Video Card: NIVIDEA GeForce GTX 550 Ti
- sound_card: on board Realtek High Def. 5.1
- Hard_Drive_Capacity: 6TB
- Monitor/Display Make & Model: BenQ 19" FP937s
- Location: Johannesburg South Africa
-
THoff
I still think it's a false positive, and here is why:
Adware.Winshow is not a virus, it's adware, and doesn't spread itself by modifying and hiding in existing files. It simply creates a file called WinShow.dll, and creates the appropriate registry entries to become a Browser Helper Object so it gets launched automatically when Internet Explorer it opened. The fact that these registry entries are missing means that even if the file was infected, it wouldn't get loaded by Internet Explorer, and the code hidden in it would never execute.
Adware.Winshow is not a virus, it's adware, and doesn't spread itself by modifying and hiding in existing files. It simply creates a file called WinShow.dll, and creates the appropriate registry entries to become a Browser Helper Object so it gets launched automatically when Internet Explorer it opened. The fact that these registry entries are missing means that even if the file was infected, it wouldn't get loaded by Internet Explorer, and the code hidden in it would never execute.
-
keenart
During a Download Adware.WinShow can be downloaded as a Trojan requesting you to confirm a Dialog Selection, thereby installing on you computer.
Can’t imagine why VS would use such a component, but you should E-Mail Tech support with your complaint.
From Norton Anti-Virus Security
Adware.WinShow: This risk can be detected only by Symantec products that support security risks.
Behavior
Adware.Winshow is an adware component that modifies the Web browser's default home page and search settings without your permission.
Symptoms
The files are detected as Adware.Winshow.
Transmission
This adware component must be manually installed, or installed as a component of another program that you install.
If you are concerned about this component, then Quarantine the file. As some Adware can reinstall themselves.
More info: http://www.inet-mates.com/articles/3_rm_winshow.html
Can’t imagine why VS would use such a component, but you should E-Mail Tech support with your complaint.
From Norton Anti-Virus Security
Adware.WinShow: This risk can be detected only by Symantec products that support security risks.
Behavior
Adware.Winshow is an adware component that modifies the Web browser's default home page and search settings without your permission.
Symptoms
The files are detected as Adware.Winshow.
Transmission
This adware component must be manually installed, or installed as a component of another program that you install.
If you are concerned about this component, then Quarantine the file. As some Adware can reinstall themselves.
More info: http://www.inet-mates.com/articles/3_rm_winshow.html
Hi, although the tech support suggested that it is okay to delete the file, please do not delete the file yet, I think some spyware detects the file as a spy program/file (maybe because of the filename) though I think this is a Ulead official file for VS9 and MF4. I will (re)verify with Ulead about this concern.
If you have deleted the file, please contact Ulead technical support and ask for the copy of the file.
Although the effects of removing the file has not been generated, I hope it won't cause any harm to the Ulead program.
Thanks.
If you have deleted the file, please contact Ulead technical support and ask for the copy of the file.
Although the effects of removing the file has not been generated, I hope it won't cause any harm to the Ulead program.
Thanks.
-
THoff
For what it's worth, I've examined the InstallShield package on Disk 1 of the UVS 9 CD, and the file is there. It is contained in the archive data2.cab in the \Program\UVS9 directory.
The details of the file are as follows:
These CAB files are not standard Microsoft CAB files, you need a utility like i6comp to manipulate them.
The details of the file are as follows:
Code: Select all
Timestamp Size Attrib Compressed Idx Name
01-27-2005 12:16 61440 A___ 24893 85 DVD\ulStreamCache.dll