The Funny World of Virus Scanners
Ok here is some funny results you get from some Virus scanners with them picking up false results.
I made a simple Hello World 3 line code in VB6...here are the 3 lines...with one Form
Private Sub Form_Load()
Caption = "Hello World"
End Sub
I made this as a EXE and called it "helloworld.exe" then i submitted
this file to a web site Virus Total www.virustotal.com
This website has a service where it will put the file though many virus scanners
and show the results.
Here is picture of the results: www.virustotal.com/analisis/1f2ac722395c75321313a6fa0e59d0051d892f2f9be6dfb64ae9f2f678831fc8-1248968344
Now I will UPX the file see what results you get....This packs the executables file with a well known upx http://upx.sourceforge.net/
I am using a GUI for the UPX to make it easyer...using drag and drop.
Now see the amazing result changes ...See eSafe now says its a Suspicious File
... and F-Secure now says its a Suspicious:W32/Malware!Gemini
what is amazing as the file is the same but its just packed using UPX ... and
even a-squared its changed.
Now what does this all mean....to me it means you cant really trust the results
you get from many virus scanners...
be very carefull to not let there results scare or worry you... many results
are just false postives........
Here is the VB6 in a winzip click
here to download it...if you have VB6
This has the VB6 source ... plus the helloworld.exe and the helloworld.exe
UPX packed version