[regex-coach] Avast shows a virus false positive in 0.9.2

Edi Weitz edi at agharta.de
Mon Jan 14 07:30:09 UTC 2008 

On Mon, 14 Jan 2008 00:14:25 -0600, tabacco at dougtabacco.com wrote:

> I assume this is a false positive, but Avast antivirus reports that
> the 0.2.9 installer contains 'Win32:Trojan-gen {Other}' (specific,
> huh?).  I'm sure it's nothing, but just figured I'd point it out
> just in case it's possible to follow up with them to get it cleared
> up.
>
> It had no problem with my old 0.9.0 installer, by the way.

Thanks for the info.  Looks definitely like a false positive to me.
(The last time we had one it was something that affected every
installer that was created with Inno Setup.  Must be in the archives
somewhere.)

Anyway, I don't have the time to deal with this right now.  Just for
fun, I uploaded 0.9.2 to "VirusTotal", and here's what I got ("Self
Modifying File", phew!):

  Antivirus               Version         Last Update     Result
  AhnLab-V3               2008.1.14.10    2008.01.14      -
  AntiVir                 7.6.0.46        2008.01.13      -
  Authentium              4.93.8          2008.01.13      -
  Avast                   4.7.1098.0      2008.01.14      Win32:Trojan-gen {Other}
  AVG                     7.5.0.516       2008.01.13      -
  BitDefender             7.2             2008.01.14      -
  CAT-QuickHeal           9.00            2008.01.12      -
  ClamAV                  0.91.2          2008.01.13      -
  DrWeb                   4.44.0.09170    2008.01.13      -
  eSafe                   7.0.15.0        2008.01.13      -
  eTrust-Vet              31.3.5456       2008.01.14      -
  Ewido                   4.0             2008.01.13      -
  FileAdvisor             1               2008.01.14      -
  Fortinet                3.14.0.0        2008.01.14      -
  F-Prot                  4.4.2.54        2008.01.13      -
  F-Secure                6.70.13030.0    2008.01.14      -
  Ikarus                  T3.1.1.20       2008.01.14      -
  Kaspersky               7.0.0.125       2008.01.14      -
  McAfee                  5205            2008.01.11      -
  Microsoft               1.3109          2008.01.14      -
  NOD32v2                 2788            2008.01.13      -
  Norman                  5.80.02         2008.01.11      -
  Panda                   9.0.0.4         2008.01.13      -
  Prevx1                  V2              2008.01.14      Heuristic: Suspicious Self Modifying File
  Rising                  20.26.62.00     2008.01.13      -
  Sophos                  4.24.0          2008.01.14      -
  Sunbelt                 2.2.907.0       2008.01.12      -
  Symantec                10              2008.01.14      -
  TheHacker               6.2.9.187       2008.01.13      -
  VBA32                   3.12.2.5        2008.01.13      -
  VirusBuster             4.3.26:9        2008.01.13      -
  Webwasher-Gateway       6.6.2           2008.01.14      -

  Additional information
  File size: 3108353 bytes
  MD5: c4ae76b79c77f1b326217241cb00a78a
  SHA1: 5ff548af18319439be247c46d7f5b16952e83e7f
  PEiD: -
  Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=14A6205A014CA6056E652F313D29DB002BBA7BA9

Cheers,
Edi.

More information about the regex-coach mailing list