4:21 a.m.
Symantec Anti-virus is detecting Trojan.Zlob in
Inkscape-0.44-1.win32.exe and also in uninst.exe once Inkscape is
installed. I guess it has to do with a current update of the virus
definitions because when I originally downloaded and installed Inkscape
no virus was detected, however redownloading the binary immediately
triggers the on-access scanner.
I hope this is a false positive, but I would appreciate this if you
would investigate this. And may I suggest pulling the binary from
Sourceforge in the meantime to prevent possible inflections?
Laurens
4:22 a.m.
Sorry I sent the mail from the wrong e-mail address, please respond to
this mail, the other address it no longer active.
Laurens
4:39 a.m.
On Jul 2, 2006, at 1:21 AM, Laurens Blankers wrote:
Symantec Anti-virus is detecting Trojan.Zlob in
Inkscape-0.44-1.win32.exe and also in uninst.exe once Inkscape is
installed. I guess it has to do with a current update of the virus
definitions because when I originally downloaded and installed
Inkscape
no virus was detected, however redownloading the binary immediately
triggers the on-access scanner.
I hope this is a false positive, but I would appreciate this if you
would investigate this. And may I suggest pulling the binary from
Sourceforge in the meantime to prevent possible inflections?
To check, I just downloaded from sourceforge again.
The MD5 sum of the file I have is
89d47a58c6efd228c21446bca45d5efa Inkscape-0.44-1.win32.exe
ClamAV here on OS X says the file is clear. It appears that Zlob was
first seen over a year ago. So with these factors, it's looking very
much like you have a false positive.
Oh, and for reference, that name you have reported to you gives us
these details:
http://www.symantec.com/avcenter/venc/data/trojan.zlob.html
4:51 a.m.
The MD5 sum I have is the same as yours, however Symantec AV still
triggers on that exact file. The reference you provide is indeed the one
the AV provides, and the trojan is an old one so I don't know why it is
detecting it all of a sudden now, but it is and that is a bit worries me
a bit
Laurens
Jon A. Cruz wrote:
To check, I just downloaded from sourceforge again.
The MD5 sum of the file I have is
89d47a58c6efd228c21446bca45d5efa Inkscape-0.44-1.win32.exe
ClamAV here on OS X says the file is clear. It appears that Zlob was
first seen over a year ago. So with these factors, it's looking very
much like you have a false positive.
Oh, and for reference, that name you have reported to you gives us
these details:
http://www.symantec.com/avcenter/venc/data/trojan.zlob.html
8:51 a.m.
Laurens Blankers wrote:
The MD5 sum I have is the same as yours, however Symantec AV still
triggers on that exact file. The reference you provide is indeed the one
the AV provides, and the trojan is an old one so I don't know why it is
detecting it all of a sudden now, but it is and that is a bit worries me
a bit
http://nsis.sourceforge.net/NSIS_False_Positives
False positives are very common with NSIS installers. This is just a
fact. Not meant as a convincing argument.
Aaron Spike
8:54 a.m.
Hi!,
I remember that something similar happened with Notepad++ (another
sourceforge project) and was a false positive. It was caused by a part of
the code of the installer that resembled to an existing trojan. Only a few
antiviruses were detecting it (among them was Norton) and contacting the
vendors solved the problem with an update of the virus definitions.
I hope it is the same with inkscape...
I have Avira Guard installed on WindowsXP with the latest virus definitions
downloaded a couple minutes ago, and no detection...
Molumen
----- Original Message -----
From: "Laurens Blankers" <laurens@...1390...>
To: "Jon A. Cruz" <jon@...18...>
Cc: <inkscape-devel(a)lists.sourceforge.net>
Sent: Sunday, July 02, 2006 10:51 AM
Subject: Re: [Inkscape-devel] Trojan in Win32 binary?
The MD5 sum I have is the same as yours, however Symantec AV still
triggers on that exact file. The reference you provide is indeed the one
the AV provides, and the trojan is an old one so I don't know why it is
detecting it all of a sudden now, but it is and that is a bit worries me
a bit
Laurens
Jon A. Cruz wrote:
> To check, I just downloaded from sourceforge again.
>
> The MD5 sum of the file I have is
>
> 89d47a58c6efd228c21446bca45d5efa Inkscape-0.44-1.win32.exe
>
>
> ClamAV here on OS X says the file is clear. It appears that Zlob was
> first seen over a year ago. So with these factors, it's looking very
> much like you have a false positive.
>
> Oh, and for reference, that name you have reported to you gives us
> these details:
> http://www.symantec.com/avcenter/venc/data/trojan.zlob.html
>
>
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job
easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&...
_______________________________________________
Inkscape-devel mailing list
Inkscape-devel(a)lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/inkscape-devel
6303
days inactive
6303
days old
inkscape-devel@lists.inkscape.org
5 comments
4 participants
participants (4)
-
Aaron Spike -
Jon A. Cruz -
Laurens Blankers -
momo