jelly bean key finder is it a virus?

  • Thread starter Thread starter jcharth
  • Start date Start date
J

jcharth

Hello My officescan is detecting jelly bean key finder as a virus. Is
anyone else having this problem?
 
The Jelly bean key finder is OK,
but
someone may have attached a virus to it.
Trust your scanner.
 
Have you downloaded the keyfinder?
Did you download it from the legitimate source?
If yes to both and that is the file identified, it is probably a false
positive.

But since the keyfinder is easy to replace, let the scan delete it and then
download the keyfinder again if it is still needed.
 
I got it from snapfiles.com, may be my antivirus is a little bet over
done.
Click to expand...


Why would you get it from a software clearing house when
it can be downloaded from the source at magicaljellybean.com?
Remember, when profit can be made, it shall be done and who
knows what got tacked on to the downloaded file or got
piggybacked to the download.
 
Hello My officescan is detecting jelly bean key finder as a virus. Is
anyone else having this problem?
Click to expand...


Unlike your statement, OfficeScan (from TrendMicro) is not just an
anti-virus program; see
http://www.trendmicro.com/en/products/desktop/osce/evaluate/overview.htm.
It detects other malware, including spyware. Lots of anti-malware products
will classify some products as PUPs (Probably Unwanted Programs).
OfficeScan may simply be warning you about the existence of the Magical
Jelly Bean key finder utility. It is considered a low-level and powerful
tool. I've seen PUP alerts on Foundstone's Attacker utility from McAfee -
and Foundstone is a division of McAfee!

Include the actual alert message you got from OfficeScan. Sounds like you
don't know how to differentiate between the different type of alerts that it
may issue.

Since OfficeScan is an enterprise-level security product implemented within
corporations, is there a reason why you didn't contact your sysadmin or IT
department about the alert? They might be able to tell you that it is
something that can be ignored, but then they probably don't want you using
unqualified software on *their* hosts (i.e., Jelly Bean is probably not on
their okay list of software allowed on their corporate desktops). They may
even run inventory clients on their hosts to report what is reported, so
might already be on their shit-list. It would be rare that an IT department
would want their users installing PUPs on their desktops.
 
In
Hello My officescan is detecting jelly bean key finder as a virus. Is
anyone else having this problem?
Click to expand...

Trend thinks it is a virus, spyware application, or other internet threat. I
had an encounter with this last week and seems as Trend is the only one that
thinks so.
eTrust, Norton and AVG all give it a clean report.
Trend even gives it a name CRCK_JBEAN.A
8-)
--
Michael Stevens MS-MVP XP
(e-mail address removed)
http://www.michaelstevenstech.com
For a better newsgroup experience. Setup a newsreader.
http://www.michaelstevenstech.com/outlookexpressnewreader.htm
 
Michael said:
In

Trend thinks it is a virus, spyware application, or other internet
threat. I had an encounter with this last week and seems as Trend is
the only one that thinks so.
eTrust, Norton and AVG all give it a clean report.
Trend even gives it a name CRCK_JBEAN.A
8-)
Click to expand...

Crack? All it does is find the PK. Trend must have gotten a complaint
from somewhere.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"
 
In
kurttrail said:
Crack? All it does is find the PK. Trend must have gotten a
complaint from somewhere.
Click to expand...

Yeah, had some dialogue last week with a guy that got a report from his
Trend AV. Took 4 emails to extract enough information from him to realize it
was Trend classifying a keyfinder as malicious code.
I ran AV checks from eTrust, AVG, and Norton's latest updates on all files
on my web site and on JB's and didn't find a problem. Seems like Trend is
the only one flagging it as a threat.

--
Michael Stevens MS-MVP XP
(e-mail address removed)
http://www.michaelstevenstech.com
For a better newsgroup experience. Setup a newsreader.
http://www.michaelstevenstech.com/outlookexpressnewreader.htm
 
I am glad offican is not deleting my pstools then. thanks
Click to expand...


I really dount OfficeScan would EVER delete anything without *you* telling
it to do so. Even if it found a known virus, it would first ask YOU what to
do (ignore, delete, quarantine, report, etc.).

By PsTools, we have to guess that you mean *SysInternals'* PsTools suite
(there are 13 programs in the PsTools suite). Perhaps OfficeScan doesn't
catch it, but other anti-malware products may, for example, alert on the
PsExec tool since this is another PUP (to execute processes remotely).

For anti-virus, firewall, anti-malware, and other security products, they
still rely on the user as the last authority on deciding if a suspect is
really a threat and just what to do about it. So ultimately the level of
security depends on the user.
 
I got it from snapfiles.com, may be my antivirus is a little bet over
done.
Click to expand...

I realize this is a bit (no kidding) late, however, I just saw it.
If you are using F-Prot for your antivirus, they had a problem
with their deffs right around that time (I got an email from them
confirming it). They had a problem with their signatures
giving a false positive on a number of things. From their
email, the bad deffs were only out there for about 2 hours ...
naturally I updated during that time and scanned my system.
Fortunately, I had just done a backup !!

mikey
 
Back
Top