луноход

New Member
Hi, all. I downloaded CyberGhost 5 VPN today from their site, and my AV (Norton) did not detect anything unusual and allowed the download to proceed. However, my other program, SpyShelter, went crazy and prevented the program from installing certain portions of it, though I did manage to use CG-5 for a little while with no problems. But upon checking SpyShelter's logs, I discovered something very disturbing:
SpyShelter stopped one of CG-5 actions which appears to be trojan.malware.Obscu.Gen.001 according to TotalVirus ByteHero antivirus engine.

I don't know much about these things, but I know many here use CG5 and SS together, so perhaps you have encountered this action before. I've scanned my PC with a few on-demand scans, but they have detected nothing. Don't know what else to do. So far, everything is behaving well. But I fear CG-5 could potentially have an embedded trojan on their product and you should be alerted of it. I await your help/response.

Thanks.
 

луноход

New Member
Hello viktik,

This is the the report I get from SpyShelter when I click on the virustotal check function for the CyberGhost 5 file that it stopped today when I downloaded product:

 

луноход

New Member
Thank you, Enju & frogboy. I feel much better already. Have you guys had this issue? I wish to know more. Or if you can point me to a thread addressing it. I've spent my evening running on-demand scanners looking for a non-existent trojan. I forgot to mention in my OP that when I downloaded CyberGhost5, it also tried to install Skype, which I promptly uninstalled along with CG5. Is this a typical behaviour of this program? The reason I tried CG5 is because my other VPN (VPNinja) sometimes takes an hour to connect me. I learning all of this, so any help/advice is appreciated.
 

frogboy

Level 75
Trusted
Verified
It tried to install skype ia a bit strange. Where did you download it from may i ask?
 

луноход

New Member
Yes, frogboy. Very weird. This is the site: http://www.cyberghostvpn.com/en_us

I also have McAfee site advisor installed in my Firefox browser and did notice that CG5 rating is grey according to McAfee. But since I've read about so many people here using it and giving it away, I thought I should try it. Perhaps they are bundling their product now? But why Skype?? That's just too weird.

A HitmanPro window just popped up with this:

advertiser.cyberghostvpn.com
C:\PCNAME\AppData\Roaming\Microsoft\Windows\Cookies\B5OL98VQ.txt. Tracking Cookie

advertiser.cyberghostvpn.com
C:\PCNAME\AppData\Roaming\Mozilla\Firefox\Profiles\mn812qoi.default\cookies.sqlite



 

frogboy

Level 75
Trusted
Verified
I just downloaded from your link and install had no Skype or any warnings have scanned file and all is good. This is a bit strange for sure not sure what is going on at your end. :eek:o_O:)
 

луноход

New Member
Well, I'm glad that it worked out for you. Do you have SpyShelter, too? Because they don't seem to get along. I was thinking of maybe shutting down SpyShelter and try to install CG5 to see if there are no more problems at installation, but if CyberGhost comes with a trojan attached.. who is going to detect it? Norton certainly didn't complain while the Ghost was installing additional apps on my PC. The CyberGhost file in question had precise instructions to attach itself to some win64 system or some such. I sent that file to a notepad and it was a bunch of gibberish. I had it scanned, but the AV said it was ok. Oh, well.
 

Spawn

Administrator
Staff member
Verified
This is the the report I get from SpyShelter when I click on the virustotal check function for the CyberGhost 5 file
Those results are from over a month ago, according to the Analysis date. If you upload the most recent file to VT, it should appear as Clean. As far as I know, ByteHero is based on using Heuristics only for detections, no Definitions/Signatures like traditional Antivirus software.
 
Reactions: Jack

Malware1

New Member
Yes, frogboy. Very weird. This is the site: http://www.cyberghostvpn.com/en_us

I also have McAfee site advisor installed in my Firefox browser and did notice that CG5 rating is grey according to McAfee. But since I've read about so many people here using it and giving it away, I thought I should try it. Perhaps they are bundling their product now? But why Skype?? That's just too weird.

A HitmanPro window just popped up with this:

advertiser.cyberghostvpn.com
C:\PCNAME\AppData\Roaming\Microsoft\Windows\Cookies\B5OL98VQ.txt. Tracking Cookie

advertiser.cyberghostvpn.com
C:\PCNAME\AppData\Roaming\Mozilla\Firefox\Profiles\mn812qoi.default\cookies.sqlite
What wrong do you see here?
 

луноход

New Member
Those results are from over a month ago, according to the Analysis date. If you upload the most recent file to VT, it should appear as Clean. As far as I know, ByteHero is based on using Heuristics only for detections, no Definitions/Signatures like traditional Antivirus software.
Hello, yes, but that report was submitted today. And I still get directed to that same page with that same date. I thought it was odd, but then maybe the date represents when that trojan was first discovered? I don't know.
 

Spawn

Administrator
Staff member
Verified

Spawn

Administrator
Staff member
Verified
Do not follow the links from SpyShelter, manually upload them yourself for the true results. Post a link.
 

Similar Threads

Similar Threads