Trojan alert?

Started by NoCforMe, November 12, 2011, 10:56:56 AM

NoCforMe

Was having a bunch of problems with a program, so I decided to do a virus scan. It found an infected file in my MASM32 folder, menuedit.dll, which it quarantined.

Is this a part of the MASM32 package? If so, can I get a replacement for it (without having to reinstall the whole package)? If not, I wonder how it got there ...

Vortex

menuedit.dll, a file of the Masm32 package, is completely safe. Here is Jotti's report:

http://virusscan.jotti.org/tr/scanresult/284999b01635f27ec6fe6f16363ecb7c7c0bde3e

Probably, your antivirus software reported a false-positive.

NoCforMe

That link does me no good; I don't even know what language that's written in.

So is this needed for MASM32? What's its purpose?

TmX


NoCforMe

Hmm; I use PC Tools AntiVirus (a freebie). I didn't see it in the list.

So what if the file really was infected?

TmX


Vortex

Quote from: NoCforMe on November 12, 2011, 11:10:07 AM
Hmm; I use PC Tools AntiVirus (a freebie). I didn't see it in the list.

So what if the file really was infected?

Here is a quick way to learn: try to extract the DLL file from the Masm32 package on another computer (a safe and clean one) and compare the MD5 values of the clean DLL and yours. You can try a Windows / Linux based live CD if you have no access to another computer.

dedndave

one thing - when you run across a page in a different language, use translate.google.com
copy/paste the URL into the left-hand pane, then click on it in the right-hand pane
it will also translate plain-text in small chunks
you will use this quite often when learning programming, as many languages are used

as for the DLL, i doubt it's infected
i haven't seen many viruses that infect DLL's
however, check the file size against the one posted on jotti page

you can also upload your own file there and test it   :U
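The comparison suggested in the replies above (MD5 of your copy against a clean extraction, plus the file-size check), as an added example that is not part of the original thread. The SHA-256 digest and the first-differing-offset report go beyond what the posts describe, and the sample files written by `demo()` are constructed stand-ins, not the real menuedit.dll.

```python
import hashlib
import os
import tempfile

CHUNK = 64 * 1024  # read in blocks so large binaries are not loaded whole

def file_digest(path, algo="md5"):
    """Hex digest of a file, computed block by block."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()

def first_difference(path_a, path_b):
    """Offset of the first differing byte, or None if the files are identical."""
    offset = 0
    with open(path_a, "rb") as a, open(path_b, "rb") as b:
        while True:
            ba, bb = a.read(CHUNK), b.read(CHUNK)
            if ba != bb:
                for i, (x, y) in enumerate(zip(ba, bb)):
                    if x != y:
                        return offset + i
                return offset + min(len(ba), len(bb))  # one file is a prefix
            if not ba:
                return None
            offset += len(ba)

def compare_to_reference(suspect, reference):
    """Compare a suspect file with a copy extracted on a known-clean system."""
    md5_ok = file_digest(suspect) == file_digest(reference)
    sha_ok = file_digest(suspect, "sha256") == file_digest(reference, "sha256")
    return {
        "size_match": os.path.getsize(suspect) == os.path.getsize(reference),
        "md5_match": md5_ok,
        "sha256_match": sha_ok,  # MD5 alone is collision-prone
        "first_diff_offset": first_difference(suspect, reference),
        "identical": md5_ok and sha_ok,
    }

def demo():
    """Constructed sample: a clean file, an exact copy, and a one-byte patch."""
    clean = b"MZ" + bytes(200)
    files = {"clean": clean, "copy": clean,
             "patched": clean[:150] + b"\x90" + clean[151:]}
    with tempfile.TemporaryDirectory() as d:
        paths = {n: os.path.join(d, n + ".dll") for n in files}
        for name, data in files.items():
            with open(paths[name], "wb") as f:
                f.write(data)
        return (compare_to_reference(paths["copy"], paths["clean"]),
                compare_to_reference(paths["patched"], paths["clean"]))
```

A matching size with a mismatching digest, as in the patched sample, is why the size check alone cannot clear a file.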

NoCforMe

I reloaded MASM32 and submitted menuedit.dll to Jotti's malware scan (which is actually a very useful service that I've bookmarked); it basically told me "don't worry". So I won't.

But this raises several disturbing questions about viruses, malware, etc, especially since we seem to be so promiscuous here with executable files. I think we should take potential threats very seriously. (I would hate to be the source of a virus, unknowingly, that could infect other people's computers.) So I think it's best to err on the side of caution here, rather than dismissively hand-wave about how this is probably not a problem.

I'm still having strange problems with some code I'm writing, which is crashing on a CreateWindowEx() call for no apparent reason, but I scanned my system and it seems to be clean.

Couple other things: I actually think it's kind of rude to post a link in a foreign language and expect people to find it useful. While I realize that this is an international forum, it's obvious that the common language here is English, not Turkish. (I would expect the same complaint if I posted English links on a Turkish site, by the way.) That's just my take.

Regarding Google-translating a page, thanks but no thanks. Have you ever actually tried this? and then tried to make sense of the results? Maybe if a foreign-language page was the only source of information, I might try this. Otherwise, life's just too damn short. Again, just my take.

And can anybody please tell me what menuedit.dll actually does? Why do I need it? My virus program (PC Tools) reported it as a "Trojan-uploader obfuscated N", whatever that means. I guess there must be some code in there that's self-replicating or something.

dedndave

when i d/l someones code....
i check to see if the EXE size is reasonable - you have to take resources into account
i generally don't run EXE's unless the source is included - and i assemble it myself
there are exceptions - like when it's someone i trust

as for the language thing....
i don't consider it rude at all
Erol (Vortex) is a major contributor
his expertise has helped me a lot

there are going to be several cases where you need to adjust to what is, rather than what you'd like
an example that comes to mind is the four-f tutorial for writing KMD's
and, yes, i have used google translate many times
it isn't perfect, but i can generally figure out what the intent is in foreign text
it is not easy to write a translator, either

the truth is, i find it interesting to communicate with people from all over the world
but, that's just my take

menuedit.dll is used by QE, for editing menus (i assume   :P )

AParsons

I find it very interesting that you are compiling programs on your primary computer, unless I am mistaken of course.
I haven't done that for a very long time. I used to use my primary system for that until I realised that doing so put my system at risk. It used to annoy the crap out of me to rebuild it, after running either rogue software or a crashing program destroyed it. I now use Virtualbox https://www.virtualbox.org/ and build an environment in there.
That way if the program crashes the VM (Virtual Machine), no problem, just restart. Also I have a snapshot of the VM before I think that I am going to do anything major or risky....or just plain stupid. I can then step back before the problem, heaps better than M$ system restore.

You can of course build a base image (using Ghost or similar) and reload it to the PC, but it will always be out of date.

The other thing is that I never run as admin on my primary PC. I have just enough rights to do what I need to do. I do run as admin in the VM, but that doesn't matter.

Also there is MS free AV http://windows.microsoft.com/en-AU/windows/products/security-essentials

Anyway sorry to go, just my 2 cents.

NoCforMe

Quote from: AParsons on November 12, 2011, 10:20:07 PM
I find it very interesting that you are compiling programs on your primary computer, unless I am mistaken of course.

You're not mistaken; that's exactly what I'm doing.

I completely understand your concerns; if I weren't poor, I'd get another computer to develop on. Someday ...

jj2007

Quote from: NoCforMe on November 12, 2011, 06:55:22 PM
I actually think it's kind of rude to post a link in a foreign language...

Quote from: AParsons on November 12, 2011, 10:20:07 PM
I find it very interesting that you are compiling programs on your primary computer...

Wow, this thread has all the ingredients for becoming "religious" :clap:
Will I land in hell because I use my primary computer for assembling my stuff? ::)

What if I use http://virusscan.jotti.org/it/scanresult/284999b01635f27ec6fe6f16363ecb7c7c0bde3e instead of tr? ::)

dedndave

Io non parlo Italiano   :red

AParsons

jj2007,

Everyone does what they do, for whatever their reasons, I mentioned Virtualbox because I have spent countless hours re-building / re-installing my PC in the past, that is just lost time that I could have been doing something else.
Also I hope that suggesting a VM may save some people some time and grief.

If you use your primary PC for assembling stuff, that's up to you.

Just trying to help, that's all.