big problem - trojan.Win32.Agent.kl

Convert your BATch files into EXEcutable format in one click.
Oleg Tsheglov
Site Admin
Posts: 307
Joined: Fri Feb 13, 2004 5:55 pm
Contact:

Post by Oleg Tsheglov »

McAfee doesn't respond to my emails :-(
Thanateros

Post by Thanateros »

McCrappy sucks anyway.
Darrin

Post by Darrin »

... don't want to pile on but ... FYI - as of 1-Feb-06 rev. 21 virus def's (up until 31-Jan-06 was ok), Symantec AntiVirus Corporate is now also ID'ing & deleting compiled .bat to .exe's along with the Quick Batch File Compiler stubc.dll as Trojan Horse.
Colin Hewitt

Post by Colin Hewitt »

Symantec AV is flagging everything compiled by qbf as a trojan

Colin
Oleg Tsheglov
Site Admin
Posts: 307
Joined: Fri Feb 13, 2004 5:55 pm
Contact:

Post by Oleg Tsheglov »

We sent request to Symantec yesterday.

Request reference number: 1740326
John Mack

Post by John Mack »

I get the same message from McAfee Visusscan enterprise only the virus is seen as Univ.script/99a.

Hope McAfee is made aware of this problem

John
Oleg Tsheglov
Site Admin
Posts: 307
Joined: Fri Feb 13, 2004 5:55 pm
Contact:

Post by Oleg Tsheglov »

We already get confirmation from Symantec. False positive will be fixed after next database update.

McAfee still not respond....
Steve Meckling

Post by Steve Meckling »

For what it's worth, I am also getting the McAfee v8 deletion of the %temp%\*.bat file due to the Univ.script/99a detection.
Oleg Tsheglov
Site Admin
Posts: 307
Joined: Fri Feb 13, 2004 5:55 pm
Contact:

Post by Oleg Tsheglov »

We have reviewed your recent false positive submission to Symantec's
Detection Review database. We are happy to inform you that our review has
resulted in the correction of the false positive you reported -- Trojan
Horse detection in Quick Batch Compiler 2.0.8.5. The updated detection is
available in the latest set of virus definitions, available via
LiveUpdate, or from our website at
http://securityresponse.symantec.com/avcenter/defs.download.html.

Sincerely,

Symantec Security Response
http://securityresponse.symantec.com
Post Reply