 cerdan
join:2008-01-02 | Is Themida a legitimate threat?
AVG 7.5 has been bugging me with Themida alert on every bootup on an exe app file. Is this a legitimate threat or false alarm? Thanks! |
|
  MarkAW Barry White or lil bratt Premium join:2001-08-27 Canada
·Bell Sympatico
·Cogeco Cable
1 edit | Find the exe file that AVG keeps flagging and upload it here »www.virustotal.com/ or here »virusscan.jotti.org/ and if the scan that is done at either link comes up with more than a few anti-virus scanning programs saying it's a virus then more than likely it is a legit threat. -- Advertising is legalized lying. - H.G. Wells Pleasure in the job puts perfection in the work. - Aristotle |
|
  amysheehan Premium,VIP,MVM join:1999-12-21 Huntington Beach, CA
·RoadRunner Cable
| reply to cerdan said by cerdan :AVG 7.5 has been bugging me with Themida alert on every bootup on an exe app file. Is this a legitimate threat or false alarm? Thanks! Have you installed any new games lately ?
 -- Proud Member of ASAP DSLR Phishtracker |
|
 cerdan
join:2008-01-02
| said by amysheehan :said by cerdan :AVG 7.5 has been bugging me with Themida alert on every bootup on an exe app file. Is this a legitimate threat or false alarm? Thanks! Have you installed any new games lately ? Yes but that file was installed many months ago.
Can't upload that particular file. I suspect it's blocking me from uploading to those sites listed above. It keeps saying "0 byte uploaded". I already have SpyBot and AVG disabled. |
|
 cerdan
join:2008-01-02 | "The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file" |
|
  amysheehan Premium,VIP,MVM join:1999-12-21 Huntington Beach, CA | reply to cerdan I would suggest uninstalling the game you referenced.
Also- what is the name of the suspected file?
 |
|
 cerdan
join:2008-01-02 | TMPGEncDVDAuthor3.exe |
|
 The Snowman Premium join:2007-05-20
·Verizon Online DSL
| reply to cerdan
Themida is a software protection product designed to prevent software from being "cracked" and does use encryption; therefore, it is very difficult for any anti-virus to confirm one way or another if it's malware. Unfortunately, Themida is highly used by virus writers, keylogger writers, etc., to conceal their malware. So, all in all no one can actually be absolutely certain that when Themida is detected it is malware or a legit product....it's your call.
That's all the info I can offer you. I won't be returning here for some time..... so will wish you the best now. |
|
  amysheehan Premium,VIP,MVM join:1999-12-21 Huntington Beach, CA
·RoadRunner Cable
| reply to cerdan said by cerdan :TMPGEncDVDAuthor3.exe That's from a dvd editing software program - Could be a cracked version. -- Proud Member of ASAP DSLR Phishtracker |
|
 cerdan
join:2008-01-02 | What can Themida do if I leave it untreated? |
|
 cerdan
join:2008-01-02 | Provided it's a real threat obviously... |
|
  BestDeleteit
@verizon.net
from: amysheehan 
| reply to cerdan
amy,
you got it correct...that is a "crack"....nice catch. It's me The Snowman just saying goodnight.
TMPGENCDVDAUTHOR3.EXE has been seen to perform the following behavior:
The Process is packed and/or encrypted using a software packing process
Executes a Process
Adds Products to the system registry
Registers a Dynamic Link Library File
Can communicate with other computer systems using HTTP protocols |
|
  bestdeleteit
@verizon.net
from: amysheehan 
| reply to cerdan cerdan
you have just a bit over an hour to get a free editor that is legit...here:
»www.giveawayoftheday.com/avs-video-editor/
|
|
  amysheehan Premium,VIP,MVM join:1999-12-21 Huntington Beach, CA
·RoadRunner Cable
| reply to cerdan said by cerdan :Provided it's a real threat obviously... Please read this post »Re: Is Themida a legitimate threat?
It's right on the money and posted by a trustworthy source.
 -- Proud Member of ASAP DSLR Phishtracker |
|
  microserf v1
@cgocable.net
| reply to cerdan No, Themida is not a legitimate threat. As mentioned, it is a software protection package used by program authors and distributors. Oreans Technology sells it.
TMPGEncDVDAuthor3.exe is an executable file, probably. That's all anyone here can tell you without an MD5, etc., preferably the binary. That particular file is where the copy protection is based and is commonly replaced with a modified/cracked version.
quote:
The Process is packed and/or encrypted using a software packing process
Executes a Process
Adds Products to the system registry
Registers a Dynamic Link Library File
Can communicate with other computer systems using HTTP protocols
That summarizes most protection systems as well as most trojans/viruses. It also resembles many "portable" products. Inconclusive without details. |
|
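As an added example (not posted by anyone in this thread), here is one way to produce the details the last reply asks for: the file's MD5/SHA-256 and a per-section entropy check that shows whether a PE is packed or encrypted. The 7.0 bits/byte threshold and the `build_sample()` input are assumptions made for illustration; high entropy indicates packing, not malice.

```python
import hashlib, math, struct

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts if c)

def triage(image: bytes, threshold: float = 7.0) -> dict:
    """Hash a PE image and flag sections whose entropy suggests packing."""
    if not image:
        # Matches the "0 bytes" upload error: check the local file is readable first.
        raise ValueError("empty file (0 bytes): nothing to hash or upload")
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    pe, = struct.unpack_from("<I", image, 0x3C)           # e_lfanew
    if image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    nsections, = struct.unpack_from("<H", image, pe + 6)   # NumberOfSections
    opt_size, = struct.unpack_from("<H", image, pe + 20)   # SizeOfOptionalHeader
    table = pe + 24 + opt_size                             # first section header
    sections = []
    for i in range(nsections):
        off = table + 40 * i
        name = image[off:off + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr = struct.unpack_from("<II", image, off + 16)
        h = entropy(image[raw_ptr:raw_ptr + raw_size])
        sections.append((name, round(h, 2), h >= threshold))
    return {"md5": hashlib.md5(image).hexdigest(),
            "sha256": hashlib.sha256(image).hexdigest(),
            "sections": sections,
            "likely_packed": any(flag for _, _, flag in sections)}

def build_sample() -> bytes:
    """Constructed two-section PE skeleton; only the fields triage() reads are set."""
    text = b"\x55\x8b\xec\x90" * 128       # repetitive bytes, entropy 2.0
    blob = bytes(range(256)) * 2           # uniform bytes, entropy 8.0
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    base = 64 + len(coff) + 80             # data follows two 40-byte section headers
    def sec(name, data, ptr):
        return name.ljust(8, b"\0") + struct.pack("<IIII", len(data), 0, len(data), ptr) + b"\0" * 16
    return (dos + coff + sec(b".text", text, base)
            + sec(b".packed", blob, base + len(text)) + text + blob)

if __name__ == "__main__":
    print(triage(build_sample()))
```

On a real file, pass `open(path, "rb").read()` to `triage()`; the hashes can then be posted or searched instead of uploading the binary.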