Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Jul 19th, 2008, 5:45am
   Mischel Internet Security Forum
   TrojanHunter
   TrojanHunter Scanner (Moderators: Helena, Gavin_Coe, Magnus)
   FP on Script Defender (maybe more)		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: FP on Script Defender (maybe more)  (Read 427 times)
Jrb
Full Member
***



I love YaBB 1G - SP1!

   


Posts: 208
FP on Script Defender (maybe more)
« on: Nov 28th, 2007, 1:39pm »		 Quote Quote  Modify Modify
Hi,
 
ErikAlbert posted at Wilders some FP's :
http://www.wilderssecurity.com/showpost.php?p=1127548&postcount=49
 
I checked one of the files he scanned: Script Defender.
 
TH gave indeed a warning:
Found trojan file:
D:\Script Defender\Version 1_02\sdefendi.exe (Generic.Trojan.A)
 
I don't use Script Defender, but downloaded it from AnalogX:
http://www.analogx.com/contents/download/system/sdefend.htm
 
MD5 checksum:
The file D:\Script Defender\Version 1_02\sdefendi.exe
has the following Checksum(s)
MD5 - BCC722A29C1901207B620BF54EC27235
 
 
TH details:
latest version, and defs:
Ruleset datestamp    : 2007-11-28
Scan kernel     : 5.0 (Aurelius)
Ruleset entries      : 149659
Trojan definitions   : 57872
Detection rules      : 149659
 
I'll submit the file.
I hope ErikAlbert will submit the others.
 
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5508
Re: FP on Script Defender (maybe more)
« Reply #1 on: Nov 28th, 2007, 11:23pm »		 Quote Quote  Modify Modify
Thanks for the file and forum post.  I too reported these to Magnus/Gavin.  Hopefully a fix will be released soon.  Wink
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Magnus
Administrator
*****



Ad astra per aspera.

   
WWW  

Posts: 4086
Re: FP on Script Defender (maybe more)
« Reply #2 on: Nov 29th, 2007, 6:56am »		 Quote Quote  Modify Modify
Fixed!
IP Logged
Gavin_Coe
Trojan Analyst
*****





   
WWW  

Posts: 1915
Re: FP on Script Defender (maybe more)
« Reply #3 on: Nov 29th, 2007, 6:57am »		 Quote Quote  Modify Modify
Thanks, at least one fixed.
 
The one that I want fixed is the giveawayoftheday.com files.. they have a wrapper which triggers the SDBot detection. We might fix that tonight though, see how it goes Grin
IP Logged
Jrb
Full Member
***



I love YaBB 1G - SP1!

   


Posts: 208
Re: FP on Script Defender (maybe more)
« Reply #4 on: Nov 29th, 2007, 9:13am »		 Quote Quote  Modify Modify
Thank you Magnus, Gavin, Siliconman !
 
I just did a full scan with TH, and no more warning on that install file for Script Defender. Fixed Smiley
 
Ruleset datestamp    : 2007-11-29
Scan kernel     : 5.0 (Aurelius)
Ruleset entries      : 149659
Trojan definitions   : 57872
Detection rules      : 149659
 
I don't have those others files about which ErikAlbert posted.
 
For my understanding:
That file from giveawayoftheday, about which Gavin posted, is that that file Activate.exe in the posting by ErikAlbert at Wilders?
 
Thanks again !
IP Logged
Gavin_Coe
Trojan Analyst
*****





   
WWW  

Posts: 1915
Re: FP on Script Defender (maybe more)
« Reply #5 on: Nov 29th, 2007, 10:30pm »		 Quote Quote  Modify Modify
Yes, and should also be fixed and not detected anymore Wink was a SDBot gen detection
IP Logged
Jrb
Full Member
***



I love YaBB 1G - SP1!

   


Posts: 208
Re: FP on Script Defender (maybe more)
« Reply #6 on: Nov 30th, 2007, 3:58am »		 Quote Quote  Modify Modify
on Nov 29th, 2007, 10:30pm, Gavin_Coe wrote:
Yes, and should also be fixed and not detected anymore Wink was a SDBot gen detection

 
Thank you very much Gavin ! Smiley
IP Logged
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register