[fpc-devel] postw32.exe virus ???
Florian Klaempfl
florian at freepascal.org
Fri Jan 11 18:25:01 CET 2008
Bogusław Brandys schrieb:
> Just to note.
> Kaspersky found Trojan-Spy.Win32.Agent.sc inside postw32.exe ? I think
> it is clean file but can you confirm that ?
I checked with virustotal online,
eSafe 7.0.15.0 2008.01.10 suspicious Trojan/Worm
Webwasher-Gateway 6.6.2 2008.01.11 Win32.Malware.gen#UPX!82 (suspicious)
marked them as suspicious, but we had this before with several other
files too and the reason was simply that they were upx packed. postw32
could have even another cause triggering some heuristics: it is used to
post process an executable to set stack size etc. Modifing executables
is probably something suspicious for virus scanners :)
More information about the fpc-devel
mailing list