TROJAN ZPEVDO.A FOUND IN H2N by windows defender



  • I have just received this threat when i tried to open H2N and it was automatically quarantined and deleted. I reinstalled it and same thing popped up again. I put here the screenshots.)0_1532525147214_upload-21c2973d-a4a9-4dd9-afa5-cb0dad6a151c
    0_1532525182860_upload-c6634607-1140-404e-8786-ea4aa30d9e37



  • I got the same. I chose to remove it so it uninstalled H2n. What is the deal H2n? Is it real or a false-positive?



  • me and my friend have the same issues too.


  • Global Moderator

    It is a false positive. As you can see on VirusTotal.com, all the leading antivirus scanners did not find any problems.

    You may notify the problem to the vendors producing the erroneous detection, they are the only ones that can fix the issue.

    Please add Hand2Note to exceptions of your anti-virus software.



  • That's what someone injecting a trojan would say....



  • keepcalm said:

    It is a false positive. As you can see on VirusTotal.com, all the leading antivirus scanners did not find any problems.

    You may notify the problem to the vendors producing the erroneous detection, they are the only ones that can fix the issue.

    Please add Hand2Note to exceptions of your anti-virus software.

    As far as I can see, VIRUStotal.COM currently has 4 detections which makes me very uncertain to use hand2note for now...

    Windows Defender is a leading antivirus software and normally pretty passive with Virus/Trojans alarms, may you please at least explain whats happening here to clarify the problem?

    0_1532596465036_hand2noteVirus.png


  • Global Moderator

    Please update Hand2Note up to version 3.2.2.30



  • Hand2note uses win2cap to read data going to and from your pc. If they want to they can abouse this program to read all the date going to and from your computer. I hope hand2note can provide some details on how and why they need this program to be installed on your computer for it to work. And if they use it to collect any other date then just whats needed for hand2note to work with pokermaster.



  • I was using an old H2N version (the one before all PokerMaster BS was added) without any problems. Yesterday I've decided to update H2N to the latest version (3.2.2.30) and it even worked BUT today the hand2note.exe has disappeared. After a small research it turns out that the BitDefender (paid) moved it to quarantine. Please note that it was the latest H2N version available!

    I am very unhappy with this and I'm not going to add anything to the exclusions since this is a security breach. I'll try to revert to the old H2N version since I make backups frequently. Please fix this problem!


  • Global Moderator

    Please download the new Hand2Note installer from our website and install version 3.2.2.30:

    http://hand2note.com/

    I recommend you to save your Config folder in a safe place before the reinstallation:

    FAQ. Moving Config



  • @keepcalm How should that be different from updating to the last version through the software? I still did that just to confirm that this does not help in anyway. Had to revert to the old H2N version which works fine.
    Will all new versions contain something shady or are you planning to fix this issue?



  • The newest version 3.2.2.30 is still reported as trojan by Windows Defender and VirusTotal is showing 10 detections now. Please don't ignore this problem!

    https://www.virustotal.com/#/file/1916a54e66f0270a8cf4b6b4d5c7fa963529c0f8ab6f154b81c37c66febb2eba/detection



  • Yes at least explain to us why its a false positive. And explain to us why you need to secretly install winPcap together win Hand2Note? winPcap is used my spy programs to read all the data going in and out from your computer. It can even read passwords etc. So I would like to know. I belive and hope its for legit reason. I just need a confirmation about that from you guys.


  • Global Moderator

    Probably, a false positive occurred because the digital signatures were mistakenly not added to some executable files contained in one of our installers.

    WinPCap is necessary for decryption of traffic from some Chinese poker rooms, for example as PokerMaster. HUD will not work on these poker rooms without this software.


Log in to reply
 

Looks like your connection to Hand2Note was lost, please wait while we try to reconnect.