Script listed as malicious

[M-Ciolfi]

Hi Zjorz,

firstly, I appreciate your efforts and support.

When I uploaded the script to any online malware scanning tool, it was flagged as malicious, unlike the previous versions.

Is there a specific reason for this? Have other users reported similar findings?

Thank you very much for your support. Muri

[zjorz]

Which most recent version does not flag as malicious?

The only thing I can think of, is the script resetting the pwd of the KRBTGT account, but that IS the purpose of the script.

Flagging something as malicious does not say anything. I also find it interesting in understanding WHY that has been flagged as malicious. Are you able to understand why it is flagged as malicious?

Which tool did you use to scan the script? (url?)

nobody else has reported that to me

[cadamwil]

It's flagged by Kingsoft. I believe it's a false positive, not sure why they flag it. You may be able to contact VirusTotal and get them to kill it.

https://www.virustotal.com/gui/file/309ed04bb6cc6609d0a4584090168cb01f4f6ea98a44aee5be9d4030c906ef26

[zjorz]

it is probably flagged due to its security sensitive operation, being reset the krbtgt password. Will not do anything about this for now

[mihailim]

In my experience, Kingsoft isn't exactly... top tier for accuracy :) And, for what it's worth, the copy at that URL is no longer being flagged at all.