Saleen Software Solutions
     Our Lord is coming back in X days Y hours Z minutes and V seconds. Are you prepared?
We stand with Israel!
    Professional software development
Check all your programs
for updates.

   Saleen Software > Forums > Web Downloader >

TR/Crypt.XPACK.Gen gefunden in der aktuelle webdownloader datei

Post a reply / Write a message here

1 2 >
  img-045.png saleen support  13/Feb/15 16:03:01
Fixed. Closing
  img-045.png saleen support  28/Sep/14 11:44:22

And here is Avira's reply

  img-045.png saleen support  28/Sep/14 10:34:38

Guys, please upgrade to build 364.

Here is the installer report

Here is the executable report

Only Avira and Bkav complain.

  img-045.png saleen support  26/Sep/14 11:52:45
Apparently 10 of the reports use the same threat identifier "20140926"

which mean they all somehow share information.
Anyone has any information which one of them is a bigger player, so that  I should contact.

F-Secure maybe?

update: I contacted F-Secure and Avast. 
Also AVG two days ago.
  img-045.png saleen support  26/Sep/14 11:46:55
installer report as of 26sep2014

Ad-Aware Trojan.Generic.11808674 20140926 
AegisLab Troj.Dropper.W32.Delf 20140926 
Avast Win32:Dropper-gen [Drp] 20140926 
BitDefender Trojan.Generic.11808674 20140926 
Comodo UnclassifiedMalware 20140926 
Emsisoft Trojan.Generic.11808674 (B) 20140926 
F-Secure Trojan.Generic.11808674 20140926 
GData Trojan.Generic.11808674 20140926 
MicroWorld-eScan Trojan.Generic.11808674 20140926
TrendMicro-HouseCall Suspicious_GEN.F47V0913 20140926 
nProtect Trojan.Generic.11808674 20140925 

executable report as of 26sep2014
Avast Win32:Malware-gen 20140924 
Avira TR/Crypt.XPACK.Gen 20140924
Ikarus Trojan.Crypt 20140924 
Qihoo-360 HEUR/Malware.QVM03.Gen 20140924

  img-045.png saleen support  26/Sep/14 11:46:08
OK guys.
It is getting worse from what I can see in the reports.
More minor antivirus programs report issues.

However please see that AVG which I contacted has removed the threat, at least this is what the report tells me.

I can personally guarantee that all my code is clean.
I am using a new obfuscator since the last release called ConfuserEx
( Apparently many trojan use the same obfuscator.

Please stand by your favorite downloader, in these difficult times it is facing

I will keep you updated.

  505034.png Renan R  25/Sep/14 08:22:16
For the moment I've added webdownloader.exe as an exception in AVG, making it ignore the so called Trojan.
  505034.png Renan R  25/Sep/14 08:14:39
I'm running AVG. It detects the trojan IDP.TROJAN.E13F31C in webdownloader.exe itself.
  img-045.png saleen support  25/Sep/14 06:02:40
here is the latest analysis of 

WebDownloader build 361 Installer

AVG and Avira show it, as clean.

WebDownloader build 361 Program

AVG shows it, as clean.

Can someone with AVG confirm that all is well?

I also contacted Avast
  img-045.png saleen support  24/Sep/14 10:53:53
I contacted avg and waiting for their reply.
The software is clean.
See for yourself at

Will post the direct url later.

  Copyright (c) 2007-2018 Saleen Software     20180123uyqhfg1dja3b42kzstw3pyrd   2018-01-23 21:33:22