Aller au contenu principal

Adaware marks a VB program containing function CreateObject("WScript.Shell") a Trojan

Commentaires

3 commentaires

  • Customer


    Hi,



    Thanks for directing my question to the correct forum.



    Attached you will find the Adaware report file as requested.



    I made full scans of my PC before and they all came up with no threat found.



    Also attached is a zip file containing the infected and clean versions of the file which I have compiled myself.



    As I have indicated earlier, the ONLY difference between the two files is that the infected one contains the following line:



    CreateObject("WScript.Shell")



    and the clean one does not.



    It is conceivable that many viruses or trojans may use the CreateObject("WScript.Shell") command, because it is primarily a file operations command.



    However this does not mean that all apps using this function are trojans.



    My guess is that you need to change the fingerprint for this particular trojan family (Gen:Trojan.Heur.VP2.dm...) so that it is not based on the presence of the CreateObject("WScript.Shell") command in an executable file.



    Many thanks for your kind support.



     



     


    adaware_Report_Custom_Manual_02-09-2018 124403.xml

    false positive.zip

    0
  • Support


    Hi matmat,



    I've moved your topic to the forum for false positives.



    Please follow the guide




     

    0
  • Customer


    Hi matmat,



    Thanks for providing so much detail. The detection is a false positive and will be removed within the next few updates/within a few hours.



    LS Andy

    0

Vous devez vous connecter pour laisser un commentaire.