Jump to content
Tuts 4 You

Is this Malicious?


Blah

Recommended Posts

hey all..

i want to try this app out but when clicking the setup exe zone alarm says its malicious but not sure if its true since the source is right from the web page

Warning! Setup Bootstrap for Visual Basic Setup Toolkit is a malicious program and trying to run on your computer

heres the homepage

http://www.pitchtrain.com/

exe

http://www.pitchtrain.com/PTsetup.exe

thanx mates...

:confused:

Link to comment

If you set programs protection to highest level, zone alarm will execute this message each time you run a new program that was never in zone alarm db, i think learn mode is quite good to run programs without any notification and you will still protected ;)

Link to comment
If you set programs protection to highest level, zone alarm will execute this message each time you run a new program that was never in zone alarm db, i think learn mode is quite good to run programs without any notification and you will still protected ;)

ZA never has givin me this warning till now...its a odd one :)

im guessing its safe since its straight from the appz homepage but was curious...

cheers

Link to comment

Hi,

This program is not Malicious, here a fast analysis of it

F-PROT 6 - Nothing found!

G DATA - Nothing found!

IkarusT3 - Nothing found!

Kaspersky - Nothing found!

McAfee - Nothing found!

MHR (Malware Hash Registry) - Nothing found!

NOD32 v3 - Nothing found!

Norman - Nothing found!

Panda - Nothing found!

Quick Heal - Nothing found!

Solo Antivirus - Nothing found!

Sophos - Nothing found!

TrendMicro - Nothing found!

VBA32 - Nothing found!

Virus Buster - Nothing found!

Import Table

USER32.dll

+GetWindowRect

+SetCursor

+EndDialog

+DefWindowProcA

+GetWindowWord

+SetWindowWord

+BeginPaint

+GetSysColor

+GetClientRect

+SetRect

+EndPaint

+RegisterClassA

+LoadIconA

+OemToCharBuffA

+LoadCursorA

+GetLastActivePopup

+ShowWindow

+PostMessageA

+EnableWindow

+GetTopWindow

+DestroyWindow

+GetWindowLongA

+SetWindowLongA

+SetWindowTextA

+SetForegroundWindow

+SetActiveWindow

+CharNextA

+SetTimer

+GetMessageA

+PostQuitMessage

+KillTimer

+DialogBoxIndirectParamA

+GetDlgItemTextA

+SendMessageA

+GetSystemMetrics

+SetWindowPos

+PeekMessageA

+TranslateMessage

+DispatchMessageA

+GetParent

+SetDlgItemTextA

+SendDlgItemMessageA

+GetDlgItem

+InvalidateRect

+UpdateWindow

+wsprintfA

+MessageBoxA

KERNEL32.dll

+_lopen

+WinExec

+CreateProcessA

+_lclose

+GetVolumeInformationA

+RtlUnwind

+GetCommandLineA

+GetModuleHandleA

+ExitProcess

+FindNextFileA

+MoveFileExA

+CreateFileA

+GetFileSize

+CreateFileMappingA

+MapViewOfFile

+UnmapViewOfFile

+CloseHandle

+SetFilePointer

+SetEndOfFile

+RemoveDirectoryA

+SetFileAttributesA

+DeleteFileA

+GetACP

+GetModuleFileNameA

+SetErrorMode

+GetVersion

+LoadLibraryA

+GetProcAddress

+GetLastError

+FormatMessageA

+FreeLibrary

+WaitForSingleObject

+GetTickCount

+GetWindowsDirectoryA

+FindClose

+FindFirstFileA

+SetCurrentDirectoryA

+lstrlenA

+CreateDirectoryA

+lstrcatA

+SetFileTime

+LocalFileTimeToFileTime

+DosDateTimeToFileTime

+_lcreat

+lstrcpyA

+LocalAlloc

+GetEnvironmentVariableA

+OpenFile

+_lwrite

+_lread

+GetDriveTypeA

+_llseek

+LocalFree

+GlobalLock

GDI32.dll

+GetTextExtentPoint32A

MD5 Hash: 5192393535AC7408AB743EAB9DBC2200

SHA1 Hash: 8C34900D2F94505784379E2010A8EEE112E20C73

Some programs are seen as Riskware a category borned some year ago because these may cause damages, for example the Age-Old IrcWar tools :)

Regards,

Giuseppe 'Evilcry' Bonfa'

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...