Eesbin.G

Discussion in 'Malware Help (A Specialist Will Reply)' started by REM1949, Jul 27, 2008.

  1. REM1949

    REM1949 Private E-2

    Hi everyone - I'm new to MajorGeeks and not sure if this is the right forum, but I'm really puzzled, and hope someone may be able to help.

    I used to write Delphi apps, and have some of the old (early 1990s) compiled files in my archive drive. I recently updated my free AVG anti-virus to version 8.0, and it now reports it has detected Trojan Dropper Eesbin.g in one of those files. I've deleted the compiled file, but as I suspect it was a "false positive" I have tried to get info on the web. The AVG site says it has no information on the trojan, and the only substantial reference I can find concerns Eesbin.c in the thread started by JamJar on 15 August 2004 (AVG Free Version - Trojan Horse Dropper.eesbin.c).

    Does anyone have any information on Eesbin that I can use to check my source code for nasties before recompiling?

    thanks
    REM
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    I believe you may get more hits (but nothing too useful) by searching on EESBinder.

    I would bet that you are just getting a false detection of something in your code that AVG thinks is a problem. I believe one of their updates in July added this detection which may be why you never saw it before. Either way it is probably false.
     
  3. REM1949

    REM1949 Private E-2

    Thanks for the advice, Chaslang. Searching on Eesbinder gave me a bit more information, but I guess I'll just try rearranging the unit order in my source and recompile. If AVG still complains I'll send it to them to check out. At least I've not had any complaints from past customers yet ...
    REM
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You may want to describe to them exactly what the particular piece of code is doing. Sometimes the functional behavior is what a scanner picks up and can sometimes be interpreted as malicious or potentially risky based on what it is doing. Even a piece of code that writes to the registry to save parameters for a program can sometimes be viewed as a potential problem. Also downloading files automatically can be viewed as a risk, etc.
     
