Trojan reported

[lagoyu]

PC Tools spywre doctor reports a Trojan detection when running the lastest build Gbridge 1.0.0.1176 from CNet - hopefully a false positive

[admin]

Which version of spyware doctor are you using? Just scaned with 6.0.0.386 (database 5.11220) and found nothing. Which trojan did spyware doctor report?
[URL]http://www.download.com/Spyware-Doctor/3000-8022_4-10293212.html[/URL]

[lagoyu]

This error does not occur when I run the installer for 1.0.0.1146 only when I run 1.0.0.1176
here's the report:

28/11/2008 00:08:36:828
IntelliGuard: System Event Blocked
Threat Name - Trojan.Pakes!sd6
Details - Spyware Doctor has blocked an application attempting to access a file.
Risk Level - High
Infection - C:\DOCUME~1\PAUL\LOCALS~1\TEMP\NSZ4C5.TMP\SYSTEM.D LL

[lagoyu]

I am running Spyware Doctor 6.0.0.386 with up to date DB

[admin]

can you verify that the digital signature of the installer on your computer is ok?

right click the installer, click "Properties", click "digital signatures", select the signature, and click "details".

[admin]

It is a false alarm. We recently start to use Nullsoft scriptable install system 2.40 after 1.0.0.1146 to build our installer, it may somehow cause the false alarm on PC tools spyware doctor ([URL]http://nsis.sourceforge.net/NSIS_False_Positives[/URL]). Our internal testbeds use Macfee, norton, panda, and Kaspersky to test before release and didn't have any issue. download.com must has more comprehensive check. So we are pretty confident it is a false alarm.

We just upgrated to Nullsoft scriptable install system 2.41 to generate build 1.0.0.1177. Please download from [URL]http://www.gbridge.com[/URL] and check it.

Thanks a lot for notify us!

As of today the gbridge-1.0.0.1183-winxp-setup.exe was run against 39 antivirus programs and came up clean..

Done through virustotal.com



Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.27 -
AhnLab-V3 5.0.0.2 2009.01.26 -
AntiVir 7.9.0.60 2009.01.27 -
Authentium 5.1.0.4 2009.01.26 -
Avast 4.8.1281.0 2009.01.27 -
AVG 8.0.0.229 2009.01.27 -
BitDefender 7.2 2009.01.27 -
CAT-QuickHeal 10.00 2009.01.27 -
ClamAV 0.94.1 2009.01.27 -
Comodo 948 2009.01.27 -
DrWeb 4.44.0.09170 2009.01.27 -
eSafe 7.0.17.0 2009.01.27 -
eTrust-Vet 31.6.6329 2009.01.27 -
F-Prot 4.4.4.56 2009.01.26 -
F-Secure 8.0.14470.0 2009.01.27 -
Fortinet 3.117.0.0 2009.01.27 -
GData 19 2009.01.27 -
Ikarus T3.1.1.45.0 2009.01.27 -
K7AntiVirus 7.10.607 2009.01.27 -
Kaspersky 7.0.0.125 2009.01.27 -
McAfee 5507 2009.01.26 -
McAfee+Artemis 5507 2009.01.26 -
Microsoft 1.4205 2009.01.27 -
NOD32 3804 2009.01.27 -
Norman 5.93.01 2009.01.27 -
nProtect 2009.1.8.0 2009.01.27 -
Panda 9.5.1.2 2009.01.27 -
PCTools 4.4.2.0 2009.01.27 -
Prevx1 V2 2009.01.27 -
Rising 21.13.42.00 2009.01.23 -
SecureWeb-Gateway 6.7.6 2009.01.27 -
Sophos 4.37.0 2009.01.27 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.27 -
TheHacker 6.3.1.5.229 2009.01.26 -
TrendMicro 8.700.0.1004 2009.01.27 -
VBA32 3.12.8.11 2009.01.27 -
ViRobot 2009.1.23.1577 2009.01.26 -
VirusBuster 4.5.11.0 2009.01.27 -
Additional information
File size: 2342048 bytes
MD5...: adc2bd2cf95d216138879d2da2152d3a
SHA1..: 5321d4dabe9341c901e6dcf23c971fcee02cfdef
SHA256: 653f8eaec744c7927fa8bd3ee1e2e56e9c9de1676e126950e7 0e86a00d7c6c5e
SHA512: 800f80e77b5566245e5f2a6119f44d4b8464c36c4bdf8a9de7 5f7fbf4fe6c808
45a6b8dbc74318861d56651b997b220fd0ae4d93457eea4e16 479c76351836c5
ssdeep: 49152:8ZldFVBUcpXWdWWCjRyYtQZwx2alm0hjUczSMEICFb:q tsYzsaBhjUmSM5
CR
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3225
timedatestamp.....: 0x4925c860 (Thu Nov 20 20:28:16 2008)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x5976 0x5a00 6.47 335c19bb25cd1d02eec2b0a4eacb979c
.rdata 0x7000 0x1190 0x1200 5.18 db16645055619c0cc73276ff5c3adb75
.data 0x9000 0x1af98 0x400 4.69 59710519e577598f785044e4d95261f4
.ndata 0x24000 0x10000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x34000 0x4858 0x4a00 2.30 bc98b9363da2a20f6c4e277ab61f2b35

( 8 imports )
> KERNEL32.dll: CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetTickCount, CreateFileA, GetFileSize, GetModuleFileNameA, GetCurrentProcess, CopyFileA, ExitProcess, SetFileTime, GetTempPathA, GetCommandLineA, SetErrorMode, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, GetVersion, CloseHandle, lstrcmpiA, lstrcmpA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, ReadFile, MulDiv, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, GetWindowsDirectoryA
> USER32.dll: EndDialog, ScreenToClient, GetWindowRect, EnableMenuItem, GetSystemMenu, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, RegisterClassA, TrackPopupMenu, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CharPrevA, DispatchMessageA, PeekMessageA, DestroyWindow, CreateDialogParamA, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, wsprintfA, SendMessageTimeoutA, FindWindowExA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, OpenClipboard, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, ShowWindow
> GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject
> SHELL32.dll: SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation
> ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA
> COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create
> ole32.dll: CoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance
> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA

( 0 exports )
packers (Kaspersky): Swf2Swc