[fpc-devel] postw32.exe virus ???

Florian Klaempfl florian at freepascal.org
Fri Jan 11 18:25:01 CET 2008

Bogusław Brandys schrieb:
> Just to note.
> Kaspersky found Trojan-Spy.Win32.Agent.sc inside postw32.exe ? I think
> it is clean file but can you confirm that ?

I checked with virustotal online,
eSafe	2008.01.10	suspicious Trojan/Worm
Webwasher-Gateway	6.6.2	2008.01.11	Win32.Malware.gen#UPX!82 (suspicious)

marked them as suspicious, but we had this before with several other
files too and the reason was simply that they were upx packed. postw32
could have even another cause triggering some heuristics: it is used to
post process an executable to set stack size etc. Modifing executables
is probably something suspicious for virus scanners :)

More information about the fpc-devel mailing list