forum.vdsworld.com

[vtol]

Hi
My Virus detection program just found that a DLL made by one of the people here is a Trojan Downloader

I dont really know what to do about it as far as talking to any one.
May be a false reading, not sure about that either.

Thought someone might have had the same problem.

[vtol]

Maybe the Trojan attached itself to the DLL like a gay hitchiker

[Serge]

that is a definite concern that you should raise in this forum

i would expect the moderators of this forum to get in touch with you to find out details of this dll + to check whether it is a trojan downloader or not

if they do find that it is, i expect the author of the dll to be contacted for a 'please explain' and/or to be kicked out of this forum and the rogue dll removed from vdsworld

in the past, such measures have been taken

serge

[PGWARE]

Please note that some dll's are compressed with programs like Petite, PeCompact, AsPack, and other type of PE compressors. A virus scanner may detect a false positive based on the heuristics of a similar program (which is the real virus/trojan) which uses that same pe compressor. The virus scanners cannot decompress the pe compressed file so it bases its heuristics on what it finds inside of the real trojan/virus which in some cases can lead to false positives for files which have similar characteristics within it.

I know a few of my dll's have actually reported as trojans when using the PeCompact compressor and one of the compression algorithms the program allows; changing the compression algorithm to another one fixed the issue with the scanner.

Then again there have been a few dll's posted here at vdsworld which were actual trojans and were meant to steal your vds.key file and other data from the registry. Most of these files have been talked about on the forums and have been removed from the site.

You should not feel compelled to hide the name of the dll's as its important for the community and for the author of the dll to find what may be causing this false positive or if indeed the author is putting out virus/trojans to the community.

[vtol]

Heres what you wanted

[Serge]

in that case, i would say that it is a case of false positive as i really can't see codescript including trojan code in his dll's, he has provided fantastic support to vds programmers over the years

can you test it using a different anti-virus program ... there a a few free online ones you can use

serge

[vtol]

I know, thats why I didnt know what to do..

I try that

[WidgetCoder]

I found nothing malicious in the files using Symantec AntiVirus (Eng. 61.1.0.11 Def. 4/10/2006 rev.7), I think you may have just received a false positive.

At any rate considering the file's source I’m certainly not concerned

[vtol]

I allready checked it with latest nortons too.
I sent the ZIP to the finder in case it is a trojan that clings to a file.
Just curious is all.
I never was real concerned either.

[Dr. Dread]

I've also had two different AV progs flagging that DLL as Trojan. Dunno if it's a false alarm.

Greetz
Dread

[vtol]

Ya

Thanks for your input, Dread.

APImath is used in security/ incryption/ program key math etc.. to protect people, is kinda scary, So I guess it dont hurt to be cautious considering how things are nowadays.

I got the ol:
Ticket Received
Thank-you for contacting.......

So I figure it will take a few weeks to get a answer from my AV support.
I'll post another POST when news comes back..
regards

[vdsalchemist]

Hi All,
I scanned CodeScripts DLL with McAfee Virusscan Enterprise 8.x and is does NOT show any virus in the DLL.