From: Frank N. <fr...@ni...> - 2007-05-25 15:54:03
|
Hi, Just wanted to report that both Fsecure and AVG Anti-virus 7.5 report a Trojan horse (Trojan horse PSW.Generic4.KTX) in a py2exe 0.6.6 generated executable. AVG also reports py2exe/run_w.exe as infected. I can't check Fsecure; that was reported by a user. What can I do about this? Cheers, Frank |
From: Werner F. B. <wer...@fr...> - 2007-05-25 17:20:10
|
Hi Frank, Frank Niessink wrote: > Hi, > > Just wanted to report that both Fsecure and AVG Anti-virus 7.5 report > a Trojan horse (Trojan horse PSW.Generic4.KTX) in a py2exe 0.6.6 > generated executable. AVG also reports py2exe/run_w.exe as infected. I > can't check Fsecure; that was reported by a user. What can I do about > this? Just had a report yesterday from one of my users reporting that the latest Kaspersky AV reports my py2exe 0.6.6 generated exe's as containing "Trojan-Spy.Win32.KeyLogger.jm" virus. I use AVG and checked my machine yesterday evening but did not get any report. Just to be sure I updated AVG just now and I also get the same trojan reported as your user (but AVG could clean it). The user and I also checked with online scanners yesterday which reported the files as being clean: - TrendMicro HouseCall - Panda TotalScan - http://www.virustotal.com/vt/ - this one is very interesting as it use 8 different AV engines (Avast, AVG, BitDefender etc). I just posted py2exe/run.exe to be scanned with virustotal.com, will report back when I get the results - about 10 minutes or so. We will have to figure out how to best report this to the different AV producers. Werner |
From: Jeff P. <jef...@ya...> - 2007-05-25 17:36:18
|
Hello, I have been working on my own wxapp that I bundle with py2exe, today my AVG software found the same trojan horse: PSW.Generic4.KTX. Is this a real trojan horse or is the AVG software finding something that isn't real? thanks. Jeff "Werner F. Bruhin" <wer...@fr...> wrote: Hi Frank, Frank Niessink wrote: > Hi, > > Just wanted to report that both Fsecure and AVG Anti-virus 7.5 report > a Trojan horse (Trojan horse PSW.Generic4.KTX) in a py2exe 0.6.6 > generated executable. AVG also reports py2exe/run_w.exe as infected. I > can't check Fsecure; that was reported by a user. What can I do about > this? Just had a report yesterday from one of my users reporting that the latest Kaspersky AV reports my py2exe 0.6.6 generated exe's as containing "Trojan-Spy.Win32.KeyLogger.jm" virus. I use AVG and checked my machine yesterday evening but did not get any report. Just to be sure I updated AVG just now and I also get the same trojan reported as your user (but AVG could clean it). The user and I also checked with online scanners yesterday which reported the files as being clean: - TrendMicro HouseCall - Panda TotalScan - http://www.virustotal.com/vt/ - this one is very interesting as it use 8 different AV engines (Avast, AVG, BitDefender etc). I just posted py2exe/run.exe to be scanned with virustotal.com, will report back when I get the results - about 10 minutes or so. We will have to figure out how to best report this to the different AV producers. Werner ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Py2exe-users mailing list Py2...@li... https://lists.sourceforge.net/lists/listinfo/py2exe-users --------------------------------- Ready for the edge of your seat? Check out tonight's top picks on Yahoo! TV. |
From: Werner F. B. <wer...@fr...> - 2007-05-25 17:39:07
|
Hi Jeff, Jeff Peery wrote: > Hello, I have been working on my own wxapp that I bundle with py2exe, > today my AVG software found the same trojan horse: PSW.Generic4.KTX. > Is this a real trojan horse or is the AVG software finding something > that isn't real? thanks. I think it is a false alert - see my second post with the results from virustotal. Werner |
From: Werner F. B. <wer...@fr...> - 2007-05-26 10:45:10
|
Hi My daily update of AVG now causes the same error to show up. I downgraded to py2exe 0.6.5 and that version is o.k. I also reported this to AVG, would suggest that everyone reports the company they use for AV that this gets corrected asap. Werner Werner F. Bruhin wrote: > Hi Jeff, > > Jeff Peery wrote: >> Hello, I have been working on my own wxapp that I bundle with py2exe, >> today my AVG software found the same trojan horse: PSW.Generic4.KTX. >> Is this a real trojan horse or is the AVG software finding something >> that isn't real? thanks. > I think it is a false alert - see my second post with the results from > virustotal. > > Werner > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ |
From: Werner F. B. <wer...@fr...> - 2007-05-28 13:49:01
|
With today's AV signatures 0.6.6 is fine again with AVG. Werner |
From: Werner F. B. <wer...@fr...> - 2007-05-25 17:31:06
|
Here the results for py2exe/run.exe - all clean. Complete scanning result of "run.exe", received in VirusTotal at 05.25.2007, 19:16:14 (CET). Antivirus Version Update Result AhnLab-V3 2007.5.24.0 05.25.2007 no virus found AntiVir 7.4.0.27 05.25.2007 no virus found Authentium 4.93.8 05.23.2007 no virus found Avast 4.7.997.0 05.25.2007 no virus found AVG 7.5.0.467 05.25.2007 no virus found BitDefender 7.2 05.25.2007 no virus found CAT-QuickHeal 9.00 05.25.2007 no virus found ClamAV devel-20070416 05.25.2007 no virus found DrWeb 4.33 05.25.2007 no virus found eSafe 7.0.15.0 05.24.2007 no virus found eTrust-Vet 30.7.3663 05.25.2007 no virus found Ewido 4.0 05.25.2007 no virus found FileAdvisor 1 05.25.2007 No threat detected Fortinet 2.85.0.0 05.25.2007 no virus found F-Prot 4.3.2.48 05.24.2007 no virus found F-Secure 6.70.13030.0 05.25.2007 no virus found Ikarus T3.1.1.8 05.25.2007 no virus found Kaspersky 4.0.2.24 05.25.2007 no virus found McAfee 5039 05.25.2007 no virus found Microsoft 1.2503 05.24.2007 no virus found NOD32v2 2292 05.25.2007 no virus found Norman 5.80.02 05.25.2007 no virus found Panda 9.0.0.4 05.25.2007 no virus found Prevx1 V2 05.25.2007 no virus found Sophos 4.17.0 05.23.2007 no virus found Sunbelt 2.2.907.0 05.24.2007 no virus found Symantec 10 05.25.2007 no virus found TheHacker 6.1.6.123 05.25.2007 no virus found VBA32 3.12.0 05.25.2007 no virus found VirusBuster 4.3.23:9 05.25.2007 no virus found Webwasher-Gateway 6.0.1 05.25.2007 no virus found Aditional Information File size: 14336 bytes MD5: d10817cb88e99bd42090e097e15fcd59 SHA1: f663e26a2b362246c5010003f3509d1c7943c651 Bit9 info: http://fileadvisor.bit9.com/services/extinfo.aspx?md5=d10817cb88e99bd42090e097e15fcd59 Werner |
From: Grant E. <gr...@vi...> - 2007-05-25 19:46:23
|
On 2007-05-25, Frank Niessink <fr...@ni...> wrote: > Just wanted to report that both Fsecure and AVG Anti-virus 7.5 report > a Trojan horse (Trojan horse PSW.Generic4.KTX) in a py2exe 0.6.6 > generated executable. AVG also reports py2exe/run_w.exe as infected. Yup. Somebody apparently wrote a trojan using py2exe, and the dim-witted trojan detectors think that anying bundled using that (and possibly other) version of pyexe is a trujan. > I can't check Fsecure; that was reported by a user. What can I > do about this? Get the vendors of "security" programs to fix them. -- Grant Edwards grante Yow! WHO sees a BEACH BUNNY at sobbing on a SHAG RUG?! visi.com |
From: James M. <nyt...@gm...> - 2007-05-25 20:30:47
|
Stupid antivirus's i didn't think that they were that stupid! On 5/25/07, Grant Edwards <gr...@vi...> wrote: > > On 2007-05-25, Frank Niessink <fr...@ni...> wrote: > > > Just wanted to report that both Fsecure and AVG Anti-virus 7.5 report > > a Trojan horse (Trojan horse PSW.Generic4.KTX) in a py2exe 0.6.6 > > generated executable. AVG also reports py2exe/run_w.exe as infected. > > Yup. Somebody apparently wrote a trojan using py2exe, and the > dim-witted trojan detectors think that anying bundled using > that (and possibly other) version of pyexe is a trujan. > > > I can't check Fsecure; that was reported by a user. What can I > > do about this? > > Get the vendors of "security" programs to fix them. > > -- > Grant Edwards grante Yow! WHO sees a BEACH > BUNNY > at sobbing on a SHAG RUG?! > visi.com > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Py2exe-users mailing list > Py2...@li... > https://lists.sourceforge.net/lists/listinfo/py2exe-users > -- http://www.goldwatches.com/watches.asp?Brand=39 http://www.wazoozle.com |
From: Jeff P. <jef...@ya...> - 2007-05-29 18:36:16
|
Is there a way to get around this problem until the AV companies fix it? I have users that will be unhappy if they download my executable and think there is a virus attached. thanks, Jeff James Matthews <nyt...@gm...> wrote: Stupid antivirus's i didn't think that they were that stupid! On 5/25/07, Grant Edwards <gr...@vi... > wrote:On 2007-05-25, Frank Niessink <fr...@ni... > wrote: > Just wanted to report that both Fsecure and AVG Anti-virus 7.5 report > a Trojan horse (Trojan horse PSW.Generic4.KTX) in a py2exe 0.6.6 > generated executable. AVG also reports py2exe/run_w.exe as infected. Yup. Somebody apparently wrote a trojan using py2exe, and the dim-witted trojan detectors think that anying bundled using that (and possibly other) version of pyexe is a trujan. > I can't check Fsecure; that was reported by a user. What can I > do about this? Get the vendors of "security" programs to fix them. -- Grant Edwards grante Yow! WHO sees a BEACH BUNNY at sobbing on a SHAG RUG?! visi.com ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Py2exe-users mailing list Py2...@li... https://lists.sourceforge.net/lists/listinfo/py2exe-users -- http://www.goldwatches.com/watches.asp?Brand=39 http://www.wazoozle.com ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/_______________________________________________ Py2exe-users mailing list Py2...@li... https://lists.sourceforge.net/lists/listinfo/py2exe-users --------------------------------- You snooze, you lose. Get messages ASAP with AutoCheck in the all-new Yahoo! Mail Beta. |
From: Frank N. <fr...@ni...> - 2007-05-29 19:16:23
|
Hi Jeff, 2007/5/29, Jeff Peery <jef...@ya...>: > Is there a way to get around this problem until the AV companies fix it? I > have users that will be unhappy if they download my executable and think > there is a virus attached. Werner mentioned that an older version of py2exe (0.6.5) was not affected. Also, AVG already released an update that fixes the issue. Cheers, Frank |
From: Werner F. B. <wer...@fr...> - 2007-05-29 20:37:47
|
Hi Jeff, Jeff Peery wrote: > Is there a way to get around this problem until the AV companies fix it? > I have users that will be unhappy if they download my executable and > think there is a virus attached. As mentioned earlier the latest AVG signatures are fine. I also have a user/beta tester who uses Kaspersky who reported this first to me, confirmed that they corrected it too. Werner |