Wiretap

Wiretap

Reply
New Member
pwortas
Posts: 2
Registered: ‎03-29-2007
Message 1 of 3 (1,753 Views)

AVG reporting downloader in 2007 SDK

1753 Views, 2 Replies
01-31-2008 08:15 AM
As of my last update to AVG Free, it is reporting the malware Downloader.Swizzor in the following executables from the 2007 SDK package.

tools\Windows\x86_64\XP\wiretap_client_tool.exe
tools\Windows\x86_64\XP\wiretap_get_children.exe
tools\Windows\x86_64\XP\wiretap_rw_frame.exe

This is consistent across all instances of the executables and is also detected in the source file WireTapAPI-SW20070-1019.zip.

I was unable to find a location to re-download the 2007 SDK to test it. Since this just came up, I would assume it's mistakenly fingerprinting the above executables. The 2008 SDK (WireTapAPI-SW2008-1080.zip) is not affected.

Does anyone else still use/have the 2007 SDK to test/confirm this?
Distinguished Contributor
dlabute
Posts: 103
Registered: ‎05-11-2004
Message 2 of 3 (1,753 Views)

Re: AVG reporting downloader in 2007 SDK

02-01-2008 04:38 PM in reply to: pwortas
Hi,

Thanks for reporting this. We had a look at the older version of the ZIP file you cited with AVG and managed to reproduce the issue only with the build of the SDK you cited. No other builds seemed affected.

We were not able to find the virus with any other commercial virus scanner even with the most current definition files. After some research, it seems that AVG has had problems in the past with false alarms specific to the Downloader.Swizzor virus.

Regardless, our IT department is giving this their full attention just to be safe, and I would be surprised if it turns out to be a real threat. The virus is also quite easy to remove.

Sincerely,

Dan Labute
Autodesk M&E
New Member
davher
Posts: 1
Registered: ‎10-06-2011
Message 3 of 3 (1,675 Views)

Re: AVG reporting downloader in 2007 SDK

10-06-2011 03:22 PM in reply to: pwortas

I think you guys should check out http://www.opswat.com/ there are 2 or 3 products that may be a match. I think that OESIS Framework at http://www.opswat.com/products/oesis-framework provides a single interface to many antivirus and AVG is in that list. Another option is, I think, Metascan at http://www.opswat.com/products/metascan which is more for ISV.
I also found that AVG is certified by OPSWAT at http://www.opswat.com/certified.

I hope this helps.
Regards, 

Post to the Community

Have questions about Autodesk products? Ask the community.

New Post
Announcements
Do you have 60 seconds to spare? The Autodesk Community Team is revamping our site ranking system and we want your feedback! Please click here to launch the 5 question survey. As always your input is greatly appreciated.