FuryCell Posted December 3, 2005 Share Posted December 3, 2005 (edited) I just scanned an AutoItScript I compiled at http://virusscan.jotti.org/ and got these results:File: MD5.exe Status: INFECTED/MALWAREMD5 49874947f9287de91c606c981afc79ed Packers detected: UPX, AUTOIT Scanner results AntiVir Found nothing ArcaVir Found Trojan.Clicker.Small.Ht Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VBA32 Found nothingIt appears to be another false postive becuase of careless updates to antivirus definitions. Edited December 3, 2005 by SolidSnake HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code. Link to comment Share on other sites More sharing options...
w0uter Posted December 3, 2005 Share Posted December 3, 2005 (edited) could you give some more info like what was in it and what was it compiled/packed with ?latest beta gives me this.POSSIBLY INFECTED/MALWARE (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database)VBA32 Found Trojan-Downloader.Agent.70 (probable variant)ArcaVir probbly just flagged it becouse it was packed by the default UPX. Edited December 3, 2005 by w0uter My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll Link to comment Share on other sites More sharing options...
FuryCell Posted December 3, 2005 Author Share Posted December 3, 2005 (edited) could you give some more info like what was in it and what was it compiled/packed with ?latest beta gives me this.I have attached the script which was compiled using the v3.1.1 compiler. It was an MD5 include I downloaded off the forums.ArcaVir probbly just flagged it becouse it was packed by the default UPX.I do not understand what you mean by this. Could you please try and explain it in different words.Thanks for the feedback. -SolidSnakeMD5.au3 Edited December 3, 2005 by SolidSnake HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code. Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted December 3, 2005 Moderators Share Posted December 3, 2005 AutoIt uses a UPX packer by default. w0uter was simply stating that, the anti-virus protection programs, typically find this and label it as a 'potential threat'. That seems to be the consensus here. Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
FuryCell Posted December 3, 2005 Author Share Posted December 3, 2005 AutoIt uses a UPX packer by default. w0uter was simply stating that, the anti-virus protection programs, typically find this and label it as a 'potential threat'. That seems to be the consensus here.Thanks. HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code. Link to comment Share on other sites More sharing options...
w0uter Posted December 3, 2005 Share Posted December 3, 2005 (edited) tested it with the latest beta + upx beta Status: POSSIBLY INFECTED/MALWARE (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database) MD5: 317612dd7eaac711d4bdf698f5b47047 Packers detected: UPX, AUTOIT Scanner results: AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VBA32 Found Trojan-Downloader.Agent.70 (probable variant) Edited December 3, 2005 by w0uter My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll Link to comment Share on other sites More sharing options...
FuryCell Posted December 4, 2005 Author Share Posted December 4, 2005 (edited) tested it with the latest beta + upx beta Status: POSSIBLY INFECTED/MALWARE (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database) MD5: 317612dd7eaac711d4bdf698f5b47047 Packers detected: UPX, AUTOIT Scanner results: AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VBA32 Found Trojan-Downloader.Agent.70 (probable variant)That makes two problems VBA32 and AcraVir. Guess somebody should send an email to both of them so they can fix their definitions. Thanks for the feedback. Edited December 4, 2005 by SolidSnake HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now