Virus in Xampp developer???
Posted: 11. September 2008 20:41
Well, I have seen false alarms before, due to false positives... but this time, there are several AVs reporting the presence of a virus in sha256t.exe (part of the OpenSSH folder):
From virustotal.com
AntiVir 7.8.1.28 2008.09.11 BDS/Padodor.IL
Authentium 5.1.0.4 2008.09.11 W32/Backdoor.XMA
Avast 4.8.1195.0 2008.09.11 Win32:Trojan-gen {Other}
BitDefender 7.2 2008.09.11 Backdoor.Padodor.IL
F-Prot 4.4.4.56 2008.09.11 W32/Backdoor.XMA
Fortinet 3.113.0.0 2008.09.11 PossibleThreat
GData 19 2008.09.11 Backdoor.Padodor.IL
K7AntiVirus 7.10.452 2008.09.11 Backdoor.Win32.Padodor.IL
McAfee 5382 2008.09.11 Generic BackDoor
Panda 9.0.0.4 2008.09.11 Bck/Webber.BU
Prevx1 V2 2008.09.11 Worm
Rising 20.61.32.00 2008.09.11 Backdoor.Agent.iba
Sunbelt 3.1.1628.1 2008.09.11 Backdoor.Padodor.IL
VBA32 3.12.8.5 2008.09.10 Backdoor.Win32.Padodor.gen
Webwasher-Gateway 6.6.2 2008.09.11 Trojan.Backdoor.Padodor.IL
So... maybe this time it is not a false alarm... can somebody confirm if it is a virus, or a lot of false positives? The advantage of open source software is that it can be checked, compiled, and scanned... but "checking" the code is far beyond my capability.