We guarantee that the HUD does not contain any viruses!
If your anti-virus product is preventing the HUD from installing or running then the first thing you should try is updating your anti-virus software to get the latest virus definitions file as they may have already fixed the bad pattern. If this doesn't work then you must set your anti-virus program to ignore the HUD (this does not always work with some products). Other than that all you can do is disable the anti-virus product whilst you install (and possibly when you run the HUD) until the anti-virus company fixes their virus definitions.
Constant updates to the HUD makes these problems come and go with different revisions of our product. These "false positives" occur because most anti-virus software uses a process called Heuristics to guess whether a virus is present. This means they look for certain code patterns that are consistent with known viruses. In the case of the HUD it will occasionally appear to show some of these patterns because the HUD is a program that alters a separate running program (the poker client) to show the statistics overlayed on the table - something many viruses will do.
When we build each version of the HUD we check it against the website www.virustotal.com which lets you virus check your product against all major anti-virus software and we work to ensure it is not incorrectly flagged by as many vendors as possible. Unfortunately the anti-virus companies change their patterns file all the time to respond to new threats, and so new problems can occur at any time. It is often impossible to code the HUD so that it works with every AV product, so we just have to do the best we can.
Admin,
I am having difficulties and have been for some time. Trying to install,I get:
McAfee has automatically blocked and removed a Trojan.
About this Trojan
Detected: Artemis!86634ED97385 (Trojan), Artemis!86634ED97385 (Trojan)
Location: C:\Program Files\SharkScope\SharkScope.exe
Trojans appear as legitimate programs but can damage valuable files, disrupt performance, and allow unauthorized access to your computer.
I have reinstalled both HUD and Mcafee to no avail. I am now giving up and will not be renewing. In my opinion, it is you that needs to contact the anti virus companies and prove that your software is not dangerous.
I had this problem also when I first tried the install and so I temp stopped Mcafee for the install by going to START-SETTINGS-CONTROL PANEL-ADMINISTRATIVE TOOLS-SERVICES Then I right-clicked on everything that said Mcafee and clicked stop... and then I was able to install the HUD w/o the trogan message
Seems to have worked! nice one, thanks.
You are welcome sir. Now let me know if you had to do anything special for the stats to show up on you 9-player SnG
This also worked for me until I turned McAfee back on and ran SS HUD. At that point, the trojan was detected and removed.
My subscription expires in a week and I will not be renewing until it gets fixed. It is a shame since I have been a paying subscriber for almmost a year now.
Im getting this from Avira AV when update is downloading>
TR/Crypt.TPM.Gen >>>is trojan
>>from avira page>>>
TR/Crypt.TPM.Gen
Description:
Crypt.TPM.Gen also identified as TR/Crypt.TPM.Gen is a trojan that can block Windows registry editor, antivirus and antimalware tools. Crypt.TPM.Gen trojan will launch itself by installing corrupt Exe and Dll files into Windows system and download diverse adware threats. Usually TR/Crypt.TPM.Gen spread via unwanted spam email, mischievous chat programs, filesharing networks or porn web pages. TR/Crypt.TPM.Gen is a security risk that can set back computer performance and produce critical damage to your system files!
Long time user, first time Im getting something like this during update
Hi,
for all who is wondering what the heck is going on with the HUD, here is the results I've got from virustotal.com today (Nov. 23):
| File sharkscope-setup-130.exe received on 2009.11.23 18:30:05 (UTC) | |||
| Antivirus | Version | Last Update | Result |
| a-squared | 4.5.0.43 | 2009.11.23 | - |
| AhnLab-V3 | 5.0.0.2 | 2009.11.23 | - |
| AntiVir | 7.9.1.70 | 2009.11.23 | - |
| Antiy-AVL | 2.0.3.7 | 2009.11.23 | - |
| Authentium | 5.2.0.5 | 2009.11.23 | W32/Themida_Packed!Eldorado |
| Avast | 4.8.1351.0 | 2009.11.23 | - |
| AVG | 8.5.0.425 | 2009.11.22 | - |
| BitDefender | 7.2 | 2009.11.23 | - |
| CAT-QuickHeal | 10.00 | 2009.11.23 | - |
| ClamAV | 0.94.1 | 2009.11.23 | - |
| Comodo | 3010 | 2009.11.23 | - |
| DrWeb | 5.0.0.12182 | 2009.11.23 | - |
| eSafe | 7.0.17.0 | 2009.11.23 | - |
| eTrust-Vet | 35.1.7136 | 2009.11.23 | - |
| F-Prot | 4.5.1.85 | 2009.11.23 | W32/Themida_Packed!Eldorado |
| F-Secure | 9.0.15370.0 | 2009.11.20 | - |
| Fortinet | 3.120.0.0 | 2009.11.23 | - |
| GData | 19 | 2009.11.23 | - |
| Ikarus | T3.1.1.74.0 | 2009.11.23 | - |
| Jiangmin | 11.0.800 | 2009.11.23 | - |
| K7AntiVirus | 7.10.903 | 2009.11.23 | - |
| Kaspersky | 7.0.0.125 | 2009.11.23 | - |
| McAfee | 5811 | 2009.11.23 | - |
| McAfee+Artemis | 5810 | 2009.11.22 | - |
| McAfee-GW-Edition | 6.8.5 | 2009.11.23 | - |
| Microsoft | 1.5302 | 2009.11.23 | - |
| NOD32 | 4631 | 2009.11.23 | - |
| Norman | 6.03.02 | 2009.11.23 | - |
| nProtect | 2009.1.8.0 | 2009.11.23 | - |
| Panda | 10.0.2.2 | 2009.11.23 | - |
| PCTools | 7.0.3.5 | 2009.11.23 | - |
| Prevx | 3.0 | 2009.11.23 | - |
| Rising | 22.23.00.09 | 2009.11.23 | - |
| Sophos | 4.47.0 | 2009.11.23 | - |
| Sunbelt | 3.2.1858.2 | 2009.11.22 | - |
| Symantec | 1.4.4.12 | 2009.11.23 | - |
| TheHacker | 6.5.0.2.076 | 2009.11.23 | - |
| TrendMicro | 9.0.0.1003 | 2009.11.23 | PAK_Generic.010 |
| VBA32 | 3.12.12.0 | 2009.11.22 | - |
| ViRobot | 2009.11.23.2049 | 2009.11.23 | - |
| VirusBuster | 5.0.21.0 | 2009.11.23 | - |
| Additional information | |||
| File size: 8447540 bytes | |||
| MD5...: c5654beeeb93df6243921fa1d61deaa0 | |||
| SHA1..: edae40535a48daf025425622e490fcef111303f3 | |||
| SHA256: 1f8fafe493f5cd173ed200c9a78f3a64695a4e44aaea7cb9c7de177380a98f7d | |||
| ssdeep: 196608:JoFzawympMUmpVVQDnT0nT1XcwYLqdR4fQMehV2Z9q0:JaztNMbVVQLoT ZkLQiQMmVqq0 |
|||
| PEiD..: - | |||
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x30fa timedatestamp.....: 0x4a2ae2a7 (Sat Jun 06 21:41:59 2009) machinetype.......: 0x14c (I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x5c4c 0x5e00 6.44 856b32eb77dfd6fb67f21d6543272da5 .rdata 0x7000 0x129c 0x1400 5.05 dc77f8a1e6985a4361c55642680ddb4f .data 0x9000 0x25c58 0x400 4.80 7922d4ce117d7d5b3ac2cffe4b0b5e4f .ndata 0x2f000 0x9000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .rsrc 0x38000 0x7cb0 0x7e00 3.67 222ac1c04aeaabb8e10d88829285a01b ( 8 imports ) > KERNEL32.dll: CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetTickCount, GetFileSize, GetModuleFileNameA, GetCurrentProcess, CopyFileA, ExitProcess, GetWindowsDirectoryA, SetFileTime, GetCommandLineA, SetErrorMode, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, CreateFileA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, GetVersion, CloseHandle, lstrcmpiA, lstrcmpA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, ReadFile, MulDiv, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, GetTempPathA > USER32.dll: EndDialog, ScreenToClient, GetWindowRect, EnableMenuItem, GetSystemMenu, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, RegisterClassA, TrackPopupMenu, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CharPrevA, DispatchMessageA, PeekMessageA, DestroyWindow, CreateDialogParamA, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, wsprintfA, SendMessageTimeoutA, FindWindowExA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, OpenClipboard, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, ShowWindow > GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject > SHELL32.dll: SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation > ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA > COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create > ole32.dll: CoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance > VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA ( 0 exports ) |
|||
| RDS...: NSRL Reference Data Set - |
|||
| pdfid.: - | |||
| trid..: Win32 Executable MS Visual C++ (generic) (65.2%) Win32 Executable Generic (14.7%) Win32 Dynamic Link Library (generic) (13.1%) Generic Win/DOS Executable (3.4%) DOS Executable Generic (3.4%) |
|||
| sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned |
|||
| packers (Authentium): NSIS, Themida, NSIS, Themida, NSIS, Themida, NSIS, Themida | |||
| packers (F-Prot): NSIS, Themida | |||
Hi,
considering the frequency how often the SS HUD raises virus/trojan warnings I'd like to request in the name of your customers that you will provide this information in your "download" section with the link to this thread.
It's essential that:
a. I can see the file name with at least MD5 sum, so I can check it, once downloaded.
b. You're running something like virustotal.com before uploading/releasing a new update.
c. If your developers/quality assurance would follow the step b. they should never release an update which will contain at least one single warning.
I just signed for 1k searches/day and the first thing I'm getting by trying to download the SS HUD is bunch of trojan warnings. WTF? Do you think it's an appropriate welcome message for new customers?
Please fix it ASAP or give us at least a GOOD reason, why your developers/QA can't do the step b.
Thanks,
lzdt
Unfortunately it is impossible to create a release that passes every virus checker on the Virus Total list as the there is always at least one virus checker that has a bad algorithm at any point in time - and which ones it is changes all the time. We can only do our best and make sure as few as anti virus programs as possible cause problems, particularly those with the biggest market shares.
I repeat, we guarantee our our programs do not contain viruses.
I fully understand it. But why not:
1) check the binaries firstly and contact the AV-software maker in a case of false-positive, so they can fix their virus signatures and alike? Even when I think you're doing it already, I'd like to hear a confirmation, preferable on the front page of the HUD, so the user will not be scared and surprised.
2) MD5/SHA1 check sum will calm down tech guys like me, so I can check it after downloading the files and can know this way, the executable file was not manipulated on the way from your web server to my PC.
The HUD from Holdem Manager has similar issues, but every customer can read about false-positives directly on the front page, so it looks not suspicious anymore. Why not follow suit?
What is so difficult to do it? Not enough man power? Your reputation is not worth it? You're offering great service but offering beta software to your customers which generates such warnings and not to warn about it at the download page is either ignorance/stupidity or purpose.
I'm sorry, should not look like offense, but I hope you understand my point.
Thanks for the quick response,
lzdt
Please help me.
First off I am not a computer geek so although I do appreciate the above respones I am not smart enought to understand them. I am not even a good Poker Player (only played maybe 1500 games in the last 2 yrs).
I just know that today I clicked on the Shark Scope Icon on my desktop and it would NOT work?
Some error came up saying it was missing a .dll fille or the like..
So I uninstalled Shark Scope and tried to re-install SharkScope and it said something like
it was missing a .dll file (or the like) and it went to browse for it.
* Now because of this Shark Scope Hud, my brain is now hurting and I missed my $31k Torney
because instead of entering the torney I have been trying to figure out what is wrong with Shark Scope
Then Mcafee says I was "infected with a Trojan Virus" and they could not quarrantine it to run a scan.
I need a quick fix here or I have to remove Shark Scope and get a refund!
* Just tried to re-install Shark Scope Hud and got to the end where it say Finish and got
these 2 errors...
- This application has failed to start because database .dll has not found. re-installing the appliacation may fix the problem
* it does not?
- can not find SharkScopeController .dll' Please re- installed this application
* still can not..
Help!
Hi Wallace,
unfortunately there doesn't appear to be a way in most versions of McAfee to ignore certain files so the only immediate option would be to uninstall McAfee and use a different Anti Virus program.
We are trying to produce a build of the HUD in the next couple of days that will work with the latest McAfee definitions but beware this isn't always possible - we basically have to try to randomly move things around until we no longer trigger the bugged code they have.
We have submitted the program to McAfee to get them to resolve the problem, but they aren't always responsive to this, so we recommend as many people as possible submit it to them as a false positive to encourage them to fix it (typically there is a "Send to McAfee" option when a virus alert is raised).
* Just tried to re-install Shark Scope Hud and got to the end where it say Finish and got
these 2 errors...
Has nothing to do with Macafee?
- This application has failed to start because database .dll has not found. re-installing the appliacation may fix the problem
* it does not?
- can not find SharkScopeController .dll' Please re- installed this application
* still can not..
Help!
McAfee is removing these files after the install has finished. Reinstalling the HUD will not help as McAfee will simply remove the files again if its running as it incorrectly thinks there is a virus in them.
SHARK SCOPE HAS 2 TROJAN VIRUS PROGRAM THAT MACAFEE QUARANTINED
AND IT CANNOT REMOVE THEM -
- PLUS EVERYTIME I TRY TO USE THE HUD I GET THIS ERROR
This application has failed to start because database .dll has not found. re-installing the appliacation may fix the problem
* it does not?
- can not find SharkScopeController .dll' Please re- installed this application
wtf?
Wallace did you read my previous posts on this subject?
We've finally been able to create a build that doesn't trigger the bug in McAfee so when you update to 1.0.131 the problem should be solved.
I just renewed today since you said the problem was solved. Unfortnately, I am still getting the "Armetis Trojan" error.
Just leave them do their job and be patient..
I presume a McAfee update triggered this as I was able to use the HUD with McAfee without any issues the last weeks. But now I'm running into the same installation issue where the DLL's seem to be removed even before I can run the HUD.
Tried stopping all McAfee services / processes and reinstall the SS HUD but still didn't work. Are notifying McAfee and considering uninstalling the McAfee software my only options?
Yes unfortunately those are the only options. Though we've just released a new version of the HUD to fix a Party MTT issue, and this build is currently passing our tests with McAfee, so its worth trying that. Otherwise we'll have to wait a few days for McAfee to correct their definitions.
I had a problem with Avast and the HUD but in the end I disabled the 'behaviour' shield and it seemed to work fine!
avast antivirus review
Hadn't used the HUD for 6 months or so and took out a new subscription 2 weeks ago to retry the HUD. Worked fairly well for 2 weeks (sometimes it causes some graphic issues on my tables making the bet buttons and my cards invisible on all tables, which is kinda annoying when you're playing 10 tables ....) but the HUD worked ok until the McAfee Trojan issue came up again this week.
Last time I think I had uninstalled McAfee, got the HUD working again for a couple of days and gave up on the HUD when the issue returned. any new suggestions?
Wow. Seems like alot of problems with SS HUD. I have Macafee. I was going to purchase SS HUD but, not with all of these problems. It looks like this has been a problem for some time. I'll check back every once in awhile but, it doesn't look like an easy fix for you guys. Too bad.
PLEASE HELP. im having problem downloading the installer with norton IS2011!
I understand what you are saying.
So, explain to me how Holdem Manager can put a HUD on the tables and they update their product frequently but I haven't seen any virus problems with their product?
That being said, it has been some time since I've had problems with my AVG putting up warnings about Sharkscope. But I did go into AVG's settings and set it to ignore Sharkscope and the HUD and the HUD.DLL etc. etc.
AVG tech support was excellent and worked with me to get that nonsense stopped.
Makes having the paid version worthwhile.