Downloaded the recent version of the converter and redid peppe's steps... interestingly the result still has some hits, obviously the way of executing a batch file during run time is something some malware does similarly. Also the resulting exe file is UPX packed, which is often regarded as suspicious, because viruses often try to cloak themselves by that. http://is.gd/3dvL6
and a more frightening result from the online conversion also offered on the site http://is.gd/3dxKU As I don't know anything about the author of the tool, it is unfortunately not trustworthy and even if these are just false alarms (seems probable, because of the differing results, especially in case one above) I don't think the project should take the risk of delivering viruses. This leaves to suggest - the binary should be removed from the distribution. I additionally searched for a replacement and found http://www.abyssmedia.com/quickbfc/ which seems to come without UPX compression and only 3 hits on virustotal, from which 2 are heuristical. This could be candidate for a replacement. http://is.gd/3dzL6 .. regards ede On 13.09.2009 07:28, Giuseppe Aruta wrote: > Hi all, > I am still out for work so I cannot take time for Oenjump. > oj.exe: I create a script with only one line "openjump.bat", save as oj.bat, > and transform nto oj.ee using "bat to exe converter" by f2ko > "http://www.f2ko.de/English/index.php";. > > Peppe > > --- Mar 8/9/09, Michaël Michaud<michael.mich...@free.fr> ha scritto: > > >> Da: Michaël Michaud<michael.mich...@free.fr> >> Oggetto: Re: [JPP-Devel] Virus/Spyware 'Troj/Agent-KRQ' in OpenJump 1.3 zip >> file >> A: "OpenJump develop and use"<jump-pilot-devel@lists.sourceforge.net> >> Data: Martedì 8 settembre 2009, 23:33 >> Hi Stefan, Peppe, >> >> I also get a message from my antivirus because of OJ.exe: >> My antivirus (antivir) says it is : TR/Crypt.ULPM.Gen - >> Trojan >> >> I don't worry much about it, but let's see with Peppe how >> the OJ.exe has >> been made and if the alert can be removed by creating a new >> exe. >> >> Michaël >> >> Stefan Steiniger a écrit : >> >>> mhm.. >>> http://www.virustotal.com/analisis/ef8f87e0ebaa203a51f98e1d1e6b68af68ca2ac1b2513181ede852268cceebd0-1252436424 >>> >>> not sure what this means. >>> Actually somebody uploaded it before I did already >>> >>> stefan >>> >>> edgar.sol...@web.de >>> >> wrote: >> >>> >>> >>>> What does virustotal.com has to say about it? .. >>>> >> Probably a mismatch >> >>>> because of the executing external code routine. >>>> >>>> .. ede >>>> >>>> >>>> On 07.09.2009 16:12, Rahkonen Jukka wrote: >>>> >>>> >>>>> Hi, >>>>> >>>>> My OJ.exe has been on my disk for several >>>>> >> months but just a few weeks ago eTrust Antivirus gave the >> first virus alarm. F-Secure Client Security is not worried >> at all. I do not know if it is a false alarm or not. >> >>>>> -Jukka Rahkonen- >>>>> >>>>> >>>>> >>>>>> -----Alkuperäinen viesti----- >>>>>> Lähettäjä: Malte Weller [mailto:wel...@umwelt.uni-hannover.de] >>>>>> Lähetetty: 7. syyskuuta 2009 15:18 >>>>>> Vastaanottaja: OpenJump develop and use >>>>>> Aihe: [JPP-Devel] Virus/Spyware >>>>>> >> 'Troj/Agent-KRQ' in OpenJump >> >>>>>> 1.3 zip file >>>>>> >>>>>> Hi, >>>>>> >>>>>> I just downloaded version 1.3 (zip and >>>>>> >> source files) from >> >>>>>> SourceForge and my Sophos antivirus >>>>>> >> software informed me >> >>>>>> about a trojan >>>>>> (Troj/Agent-KRQ) in the OJ.exe >>>>>> >> (openjump-1.3\bin\OJ.exe). >> >>>>>> Can someone else confirm this? >>>>>> >>>>>> Greetings from Hanover. >>>>>> Malte >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >> ------------------------------------------------------------------------------ >> >>>>> Let Crystal Reports handle the reporting - >>>>> >> Free Crystal Reports 2008 30-Day >> >>>>> trial. Simplify your report design, >>>>> >> integration and deployment - and focus on >> >>>>> what you do best, core application coding. >>>>> >> Discover what's new with >> >>>>> Crystal Reports now. http://p.sf.net/sfu/bobj-july >>>>> >>>>> >> _______________________________________________ >> >>>>> Jump-pilot-devel mailing list >>>>> Jump-pilot-devel@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel >>>>> >>>>> >>>> >> ------------------------------------------------------------------------------ >> >>>> Let Crystal Reports handle the reporting - Free >>>> >> Crystal Reports 2008 30-Day >> >>>> trial. Simplify your report design, integration >>>> >> and deployment - and focus on >> >>>> what you do best, core application coding. >>>> >> Discover what's new with >> >>>> Crystal Reports now. http://p.sf.net/sfu/bobj-july >>>> _______________________________________________ >>>> Jump-pilot-devel mailing list >>>> Jump-pilot-devel@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel >>>> >>>> >>>> >>>> >>> >>> >> ------------------------------------------------------------------------------ >> >>> Let Crystal Reports handle the reporting - Free >>> >> Crystal Reports 2008 30-Day >> >>> trial. Simplify your report design, integration and >>> >> deployment - and focus on >> >>> what you do best, core application coding. Discover >>> >> what's new with >> >>> Crystal Reports now. http://p.sf.net/sfu/bobj-july >>> _______________________________________________ >>> Jump-pilot-devel mailing list >>> Jump-pilot-devel@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel >>> >>> >>> >>> >> >> ------------------------------------------------------------------------------ >> Let Crystal Reports handle the reporting - Free Crystal >> Reports 2008 30-Day >> trial. Simplify your report design, integration and >> deployment - and focus on >> what you do best, core application coding. Discover what's >> new with >> Crystal Reports now. http://p.sf.net/sfu/bobj-july >> _______________________________________________ >> Jump-pilot-devel mailing list >> Jump-pilot-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel >> >> > > > > ------------------------------------------------------------------------------ > Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day > trial. Simplify your report design, integration and deployment - and focus on > what you do best, core application coding. Discover what's new with > Crystal Reports now. http://p.sf.net/sfu/bobj-july > _______________________________________________ > Jump-pilot-devel mailing list > Jump-pilot-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel > ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Jump-pilot-devel mailing list Jump-pilot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel
