Go Down

Topic: Strange Finding after testing Arduino Files on Virustotal (Read 1 time) previous topic - next topic

Hi everybody,

today I had some files from Arduino 0023 checked on Virustotal (in terms of PC security I am sometimes a bit paranoid). When I checked the Files from the FTDI USB drivers folder, I got the following results:

For "FTDIUNIN.exe", ByteHero says " Trojan.Malware.Win32.xPack.m", and "FTLang.dll" and "FTBUSUI.dll" are recognized by Antiy-AVL as "Virus/Win32.CrazyPrier.gen"

I got the same with the Arduino 0022 package. I got both from the Google Code Page of the Arduino Project and the SHA-1 hashes were correct.

I already notified the Arduino team, but also wanted to ask you for your opinion. Is it probably a false positive (as only one of 40 scanners found something)?

robtillaart

Quote
Is it probably a false positive (as only one of 40 scanners found something)?

yes, but you never can be sure ...

BTW the damage done by none viral software is much underestimated so only checking for virusses might be not enough.

The real costs of damage is often "how long does it take to repair my PC" and "how much is lost" Making backups regularly (to another type of OS of course) is often equally important than using 40 scanners. I am wondering how your disks perform with al those scanners? don't they wear out?
Rob Tillaart

Nederlandse sectie - http://arduino.cc/forum/index.php/board,77.0.html -
(Please do not PM for private consultancy)

westfw

Do you get the same results on FTDI drivers downloaded direct from FTDI?

#3
Dec 02, 2011, 09:19 pm Last Edit: Dec 02, 2011, 09:25 pm by sjfaustino Reason: 1

I am wondering how your disks perform with al those scanners? don't they wear out?

It's not a local solution but a website where you can upload a file and have it checked by a series of antivirus engines.

http://www.virustotal.com/
Quote
Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.

You can see an example of the results (and the engines used) here: http://www.virustotal.com/file-scan/report.html?id=a28dc7d8cdf6490dce9a7832929aaee95cfff0235d0f8e2487044c57901afc13-1296080680

Go Up