January 21, 2016 Re: Website contains a virus? | ||||
|---|---|---|---|---|
| ||||
 Posted in reply to Walter Bright | On Thursday, 21 January 2016 at 19:23:50 UTC, Walter Bright wrote:
> On 1/21/2016 10:46 AM, Dominikus Dittes Scherkl wrote:
>> I'm using Norton Security from Symantec, and it claims that the current compiler
>> dmd-2.069.2.exe is infected with the "Trojan.Gen.2". Not a particularly harmful
>> virus, but nevertheless I hope that's not true or you can fix that rather soon!
>
> I've had virus checkers claim Digital Mars software had viruses before. They were all false positives. That doesn't prove this one is a false positive, but I've heard "wolf" cried enough times that I'm pretty jaundiced about it.
Yeah.
The problem is, Norton is rather wide-spread and it put a big warning before this site now, which is rather annoing even if you are convinced it's a false positive :-(
I suspect this can do much harm to the D community if we can't manage to get rid of the warning. But only the site-owner can get a re-evaluation from Norton.
| |||
Permalink
ReplyJanuary 21, 2016 Re: Website contains a virus? | ||||
|---|---|---|---|---|
| ||||
 Posted in reply to Brad Anderson | On 1/21/2016 10:57 AM, Brad Anderson wrote:
> New results:
> https://www.virustotal.com/en/file/45e01e0eba641b02874d84fafceefac2b53a28add31ceeef2a4bfce13c1440d7/analysis/1453402410/
>
>
> Now to decide if it's a false positive... (we use NSIS which I could easily see
> being an easily thing to have false positives with).
Note that different tools find different "viruses"
Comodo Heur.Packed.Unknown 20160121
DrWeb Trojan.Packed.196 20160121
McAfee-GW-Edition BehavesLike.Win32.Tool.tc 20160121
Rising PE:Malware.XPACK/RDM!5.1 [F] 20160121
Symantec Trojan.Gen.2 20160121
TrendMicro Possible_Virus 20160121
Meaning they don't know what they're doing. In the past some of these were driven by Optlink making an executable that is not quite like what MS tools make, so, hey, "Possible Virus". Blech.
| |||
January 22, 2016 Re: Website contains a virus? | ||||
|---|---|---|---|---|
| ||||
 Posted in reply to Walter Bright | On Friday, 22 January 2016 at 02:14:53 UTC, Walter Bright wrote:
> In the past some of these were driven by Optlink making an executable that is not quite like what MS tools make, so, hey, "Possible Virus". Blech.
Yeah, I was bitten by this too, antiviruses started barfing at my Win32 app when it was statically linked with libjpeg, while the lib file itself and the app without this lib linked in were accepted by the same antiviruses as clean.
I understand DMD is now linked by Optlink. How hard would it be to try linking it with MS linker? This could be a workaround, otherwise we might soon find dlang.org blocked by major browsers and antimalware systems.
| |||
January 22, 2016 Re: Website contains a virus? | ||||
|---|---|---|---|---|
| ||||
 Posted in reply to Walter Bright | On Friday, 22 January 2016 at 02:14:53 UTC, Walter Bright wrote:
> Note that different tools find different "viruses"
>
> Comodo Heur.Packed.Unknown 20160121
> DrWeb Trojan.Packed.196 20160121
> McAfee-GW-Edition BehavesLike.Win32.Tool.tc 20160121
> Rising PE:Malware.XPACK/RDM!5.1 [F] 20160121
> Symantec Trojan.Gen.2 20160121
> TrendMicro Possible_Virus 20160121
>
> Meaning they don't know what they're doing.
No, antiviruses always had independent naming schemes and virus classification.
| |||
Copyright © 1999-2021 by the D Language Foundation