Malware in vdhcoappsetup-1.2.4.exe


cincywor...@gmail.com

Jul 25, 2018, 3:22:21 AM
to Video DownloadHelper Q&A


Encountered the following in Norton when installing and launching vdhcoappsetup-1.2.4.exe via FIREFOX BROWSER:

Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.
____________________________

fe4e54f04c0e5f0f49e210bba020d2772818b15f Threat name: Heur.AdvML.C

This file risk is high.
____________________________

Downloaded File  from amazonaws.com
Source: External Media
fe4e54f04c0e5f0f49e210bba020d2772818b15f

____________________________

File Thumbprint - SHA:
0abe1bce8d2b12fd3c4e37068d09adcb9cfca688f95cc0c6fcef0a2704b9c347
File Thumbprint - MD5:
a9cd562812c9cf21e2f50ffddbf7ff33

mig

Jul 25, 2018, 6:22:19 AM
to Video DownloadHelper Q&A
False positives are common, particularly if you are not up to date with the AV database. However, from your report, it looks like the MD5 signature is wrong. The original file and the one I redownloaded from https://github.com/mi-g/vdhcoapp/releases/download/v1.2.4/VdhCoAppSetup-1.2.4.exe have MD5 signature f8f5662cc2bfe170ae7ff6bac96dd397, not a9cd562812c9cf21e2f50ffddbf7ff
Where do you download this file from? It is also possible that your computer is already corrupted and it corrupts the downloaded file when it arrives on your machine. Can you check that (running a computer scan)?



cincywor...@gmail.com

Jul 25, 2018, 7:20:31 AM
to Video DownloadHelper Q&A
Thanks mig,
Downloaded the exe directly via the prompt within Video Download saying I needed a newer version of the Companion app.
1.2.4 replaced VdhCoAppSetup-1.1.3.exe, installed the same way in May 2018. The sig list for both is the same.
As the malware was caught and removed, do you think 1.2.4.exe is safe or should I delete and reinstall from the address you provided above?






mig

Jul 25, 2018, 7:31:23 AM
to Video DownloadHelper Q&A
The original VdhCoAppSetup-1.2.4.exe file is safe, but since there is a suspicion of something being compromised somewhere, I suggest downloading the file from either link, and before executing it to install the companion app, make sure the signatures match the ones below (checking one algorithm is enough):

MD5: f8f5662cc2bfe170ae7ff6bac96dd397
SHA1: 613262b4cd9345b69153ea1bf5b9d98cf5005063
SHA256: f15dfb2600fdc0d4751191b3d2bd514b6fb6b1fbce21caf91b07fa4840554ca6
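
The check described in the post above, as an added example that is not part of the original thread: a Python script (its function names are assumptions of this example) that hashes the downloaded installer in one pass and compares the result with the three values posted above. A reference value of the wrong length, such as a digest that lost characters when it was copied, is rejected as malformed instead of being reported as a mismatch.

```python
import hashlib
import hmac
import sys

# Digests posted in this thread for the original VdhCoAppSetup-1.2.4.exe.
PUBLISHED = {
    "md5": "f8f5662cc2bfe170ae7ff6bac96dd397",
    "sha1": "613262b4cd9345b69153ea1bf5b9d98cf5005063",
    "sha256": "f15dfb2600fdc0d4751191b3d2bd514b6fb6b1fbce21caf91b07fa4840554ca6",
}

def file_digests(path, algorithms=("md5", "sha1", "sha256"), chunk_size=1 << 20):
    """Read the file once in chunks and feed every chunk to each hash."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}

def verify_installer(path, expected=PUBLISHED):
    """Return (ok, per-algorithm match, computed digests); ok needs every match."""
    expected = {name: value.strip().lower() for name, value in expected.items()}
    for name, value in expected.items():
        # A reference digest of the wrong length can never match: flag it early.
        if len(value) != hashlib.new(name).digest_size * 2:
            raise ValueError(f"{name} reference value has wrong length: {value!r}")
    actual = file_digests(path, tuple(expected))
    results = {n: hmac.compare_digest(actual[n], v) for n, v in expected.items()}
    return all(results.values()), results, actual

if __name__ == "__main__":
    # Usage: python verify_installer.py VdhCoAppSetup-1.2.4.exe
    ok, results, actual = verify_installer(sys.argv[1])
    for name, matched in results.items():
        print(f"{name}: {actual[name]} {'OK' if matched else 'MISMATCH'}")
    sys.exit(0 if ok else 1)
```

Run it on the downloaded file before executing the installer; a non-zero exit status means at least one digest differs from the posted values.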

cincywor...@gmail.com

Jul 25, 2018, 7:43:18 AM
to Video DownloadHelper Q&A
mig,

Will do. Thanks for your prompt response.