Simviation Forums

[TerryUK]

My fs9 didn't perform as well as usual tonight & suddenly crashed leaving a blue screen informing me to prevent damage, Windows was closing down.   I did an AGV anti-virus check.  The Virus Vault report the presence of a "Trojan Horse Back Door. Generic2. UIK" virus.  It appears to be a 508 KB bglman.dll file in Modules.   My last downloads have been the  SkyDecks 737 panel, followed by the 737 itself.

This is the first time I have had a problem like this & I'd appreciate some help as to my next move.  I don't know what this files does, so can I just delete it & will that be good enough ?

Thanks,
Terry.

[JBaymore]

Terry,

First of all.... where di you download the files in question?

Second of all...go to the AVG site and check the info on that virus to see what they suggest.  Also go to the Symantic site for their "take" on the subject.

Sometimes you get a false positive on some types of archived files.... but I'd still take it seriously until proven otherwise.

For the moement I'd only plug the computer into the net for very brief intervals at best... and for the moment make sure that there is no sensitive stuff on your machine... like financial data... that might get compormised.  Don;t use credit cards online until this is resolved.... could be a key tracer of some sort.


best,

.................john

[dave3cu]

I haven't had any experience with that .dll but returns from a Google for bglman.dll indicate it is (can be) a legitimate file. It is an 'e-commerce security app.' used by some payware packages to verify ownership.

There is also mention of some AV programs reporting a 'false positive'.

Maybe you check support or forums for any payware you have purchased. Most hits point to Cloud9 products.

Dave

[commoner]

..mm...not come accross this before but found this reference on cloud 9 website......

"All Cloud 9 scenery is protected by an e-commerce security application which will install BGLMAN.DLL and BGLMAN.DAT into your modules directory under FS9. BGLMAN verifies that your Cloud 9 scenery is valid and is slaved to your hardware configuration. It will also verify that no two hardware configurations are running Cloud 9 scenery at the same time and may also log IP addresses etc. The file is not only required to register the scenery but also to utilize it."

..It goes on to say that it can be detected by some anti virus software as a Trojan because it is in that category as it  does "open a back door"...but as it only sends info to the Cloud 9 site it is not counted as malicious.........but here is the link .....it's on page two I think of the pdf file....

http://www.avsim.com/pages/0706/Pisa/Pi ... MAN.DLL%22


....commoner

[TerryUK]

Blimey      My question is how did I get it then, as I have no Cloud9 stuff ?  The only add-ons I have are some wonderful aircraft from here & other immpecable sites  :P

The 737 panel was payware so I emailed Skydecks before I turned the lights out last night, asking if it was part of the download from them & they have said No.  I'll route the beasty out & delete it - I don't like the back-door idea to it.

My thanks to you all,
Terry.

[commoner]

..well I don't think it is just Cloud 9 that use this security application.........there will be many others presumably..............just Zap it if it makes you uneasy.

[JBaymore]

Well... that tells me that I will never buy cloud 9 stuff.  

best,

...john

[Hai Perso Coyone?]

Just trash it

[TerryUK]

DONE  :D