False positive: ImageShrink.exe

File is defnintely not a virus, I use it sometimes in my work. It’s a simple image resizer written in Delphi.

If somebody can upload it to the link i gave in my previous post and can give me a ink to the results i can definately help in judging the file.i cant do so cozz i am on a other machine.

upload here:
http://www.threatexpert.com/submit.aspx

I uploaded it but i didn’t get a e-mail from them yet or i don’t see it on the reports page http://www.threatexpert.com/reports.aspx

Same problem…

try uploading it here:
http://anubis.iseclab.org/

Post link to results here please…

Just got the results here they are http://www.threatexpert.com/report.aspx?md5=65bf5ca5d39fbf509139cbd529644c8e

As i see the threat expert report i see that it doesnt seem to be maware it is a FP for sure…

Ikarus says its trojan delf…seeing the threat expert report and the characteristics of trojan delf dont match see this:

http://www.threatexpert.com/threats/trojan-dropper-delf.html

compare the characteristics with this:
http://www.threatexpert.com/report.aspx?md5=65bf5ca5d39fbf509139cbd529644c8e

Results from Anubis
http://anubis.iseclab.org/?action=result&task_id=17e2e6aab195b05c4f960f67cd1edc375&format=html

It desnt seem to be malware…its FP :slight_smile:

in threatexpert report kaspersky detects it and kaspersky doesnt detect in virustotal results… :o

It is the same file didn’t you check the MD5s they are the same, the VT link provided by SaAnVi is for an old scan 27 July 2010 (2010-07-27 22:24:12 (UTC)), so is a totally outdated set of results. Unfortunately the link provided by Coolmario88cp doesn’t work.

Wow, the FP is fixed! Thanks! 8)

Your Welcome!

i am happy we were helpful to solve your problem.

merry christmas and happy new year! ;D

Hi Coolmario88cp

shrink.exe is a potential security risk which can be modified maliciously by malware, that is why it should be removed. The final rating for this is threat…

polonus

but this sample doesnt seem to be a threat,right?

DrWeb Lab:

Your request has been analyzed. This operation is wrong. The error has been corrected.

Thank you for your cooperation.

Sincerely,
Virus Monitoring Service Ltd. “Doctor Web”

Original file name: imageshrink.log
File size: 65536
MD5: 65bf5ca5d39fbf509139cbd529644c8e