Author Topic: Win32:Trojan-gen in Linux Wine-Doors app  (Read 3254 times)

canajun

  • Guest
Win32:Trojan-gen in Linux Wine-Doors app
« on: December 31, 2007, 12:36:45 PM »
*AVAST Report: 2007-12-09 04:52:05   Found virus 'Win32:Trojan-gen {UPX}' in file '/home/user/.wine-doors/apppacks/autohotkey-1.0.46.08.wdi/autohotkey-1.0.46.08/autohotkey-1.0.46.08/scripts/install.exe'.

I double checked with http://virusscan.jotti.org/

Scanner results - Scan taken on 31 Dec 2007 11:03:50 (GMT)
A-Squared    Found nothing
AntiVir    Found nothing
ArcaVir    Found nothing
Avast    Found Win32:Trojan-gen {UPX}
AVG Antivirus    Found nothing
BitDefender    Found Trojan.Autoit.AE
ClamAV    Found nothing
CPsecure    Found nothing
Dr.Web    Found nothing
F-Prot Antivirus    Found nothing
F-Secure Anti-Virus    Found nothing
Fortinet    Found nothing
Ikarus    Found nothing
Kaspersky Anti-Virus    Found nothing
NOD32    Found nothing
Norman Virus Control    Found nothing
Panda Antivirus    Found nothing
Rising Antivirus    Found Trojan.Autoit.ag
Sophos Antivirus    Found nothing
VirusBuster    Found nothing
VBA32    Found nothing

With 3 positives (2 found different names), I assume that it is an infected file.

I am using the free home edition of Avast for Linux running on PCLinuxOS 2007

**NOTE: Avast gives the wrong date for the report; 2007-12-09 should be 2007-12-31.

I hope this info is useful.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • Posts: 67183
Re: Win32:Trojan-gen in Linux Wine-Doors app
« Reply #1 on: December 31, 2007, 03:34:33 PM »
An exe file detected by the Linux version...
Indeed it could come from a compiled AutoIt script. But I think it's a false positive.
I'm not sure if you can 'add' (send) the file to the Chest in the Linux version and keep it there for further analysis.
The best things in life are free.

canajun

  • Guest
Re: Win32:Trojan-gen in Linux Wine-Doors app
« Reply #2 on: December 31, 2007, 05:23:40 PM »
Yes, an .exe file installed with a Windows emulator called Wine-Doors.

I tried to e-mail this to you with addy on your profile, but it bounced.  :(

I have zipped it up and uploaded it here for you to download and examine

'install.exe.zip'

hxxp://www.datafilehost.com/download.php?file=82baec2c

You may want to delete this post when you have the file, and I will then delete the link

 ;)
« Last Edit: January 02, 2008, 10:33:04 AM by chocholo »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • Posts: 67183
Re: Win32:Trojan-gen in Linux Wine-Doors app
« Reply #3 on: December 31, 2007, 07:58:56 PM »
I tried to e-mail this to you with addy on your profile, but it bounced.  :(
Does my email appear to you? How can you retrieve it?

You may want to delete this post when you have the file, and I will then delete the link
 ;)
I hope the Alwil team takes a look at it... I'm a user like you.
The best things in life are free.