VisualWorks-1.15.exe
Locked
 
|
Hi, When doing a 7.91 install on OSX 10.6.8 with Avast free edition running I get a strange Virus warning on VisualWorks-1.15.exe in the preview bin directory ? Any explanation ? Regards, @+Maarten, https://dl.dropbox.com/u/5848367/avast.png _______________________________________________ vwnc mailing list [hidden email] http://lists.cs.uiuc.edu/mailman/listinfo/vwnc |
|
Maarten, from time to time we get reports along these lines. So far,
what we noticed is that every so often we get false positive reports from antivirus programs. Try uploading the file to http://virscan.org and see what results you get. If there are significant problems found (e.g. 90% detect the same type of malware), then we can start doing other things like making sure you got an unmodified version of the file etc. I just did that and I found the following. 1. Apparently I tried the same thing on the same file back in August of 2012, and I only got a positive report out of Avast. They tested 36 antivirus programs back then, and only one out of 36 programs complains? I'd think that can be written off as a false positive. 2. I just reuploaded the latest version, and I get 3 out of 37 antivirus complains about MS07, including Avast. I had to ask for a rescan because the file was the same that was uploaded before (via MD5 hash). Huh. I eyeballed the executable's binary and I see nothing out of the ordinary at first glance. For something described as a backdoor, or a virus, or a trojan (depends on which of the 3 antivirus above you ask), I'd expect to see a significant chunk of executable that is compressed with some custom packer to obfuscate detection. I do not see any such thing. I do not even see a lot of executable bits at all, there's just over 4kb decompressed code (including code padding added by the compiler). I'd send the file to Avast and ask them to explain how MS07 is present. On 3/2/13 11:22 AM, [hidden email] wrote: > Hi, > > When doing a 7.91 install on OSX 10.6.8 with Avast free edition running > I get a strange Virus warning on VisualWorks-1.15.exe in the preview bin > directory ? > > Any explanation ? > > Regards, > > @+Maarten, > > https://dl.dropbox.com/u/5848367/avast.png > vwnc mailing list [hidden email] http://lists.cs.uiuc.edu/mailman/listinfo/vwnc |
|
|
Thank you Andres,
That is more then enough explanation for me. Did'nt even know that they sorted files automatically and can be so mistaken on the way.
Regards,
@+Maarten,
On Sunday, 3 March, 2013 21:43, "Andres Valloud" <[hidden email]> said: > Maarten, from time to time we get reports along these lines. So far, > what we noticed is that every so often we get false positive reports > from antivirus programs. > > Try uploading the file to http://virscan.org and see what results you > get. If there are significant problems found (e.g. 90% detect the same > type of malware), then we can start doing other things like making sure > you got an unmodified version of the file etc. I just did that and I > found the following. > > 1. Apparently I tried the same thing on the same file back in August of > 2012, and I only got a positive report out of Avast. They tested 36 > antivirus programs back then, and only one out of 36 programs complains? > I'd think that can be written off as a false positive. > > 2. I just reuploaded the latest version, and I get 3 out of 37 > antivirus complains about MS07, including Avast. I had to ask for a > rescan because the file was the same that was uploaded before (via MD5 > hash). > > Huh. I eyeballed the executable's binary and I see nothing out of the > ordinary at first glance. For something described as a backdoor, or a > virus, or a trojan (depends on which of the 3 antivirus above you ask), > I'd expect to see a significant chunk of executable that is compressed > with some custom packer to obfuscate detection. I do not see any such > thing. I do not even see a lot of executable bits at all, there's just > over 4kb decompressed code (including code padding added by the compiler). > > I'd send the file to Avast and ask them to explain how MS07 is present. > > On 3/2/13 11:22 AM, [hidden email] wrote: > > Hi, > > > > When doing a 7.91 install on OSX 10.6.8 with Avast free edition running > > I get a strange Virus warning on VisualWorks-1.15.exe in the preview bin > > directory ? > > > > Any explanation ? > > > > Regards, > > > > @+Maarten, > > > > https://dl.dropbox.com/u/5848367/avast.png > > > _______________________________________________ > vwnc mailing list > [hidden email] > http://lists.cs.uiuc.edu/mailman/listinfo/vwnc > vwnc mailing list [hidden email] http://lists.cs.uiuc.edu/mailman/listinfo/vwnc |
|
|
You can report this false positive result directly to the antivirus maker at [hidden email]
It is suggested you zip up the file in question, and note you believe it is a false positive. I have reported it and would suggest to anyone experiencing this issue to do the same. Regards Arden Thomas Arden Thomas Cincom Smalltalk Product Manager 845 296 0686 Cincom Smalltalk - It makes hard things easier, the impossible, possible "Simplicity is the Ultimate Sophistication" - Leonardo Da Vinci On Mar 4, 2013, at 11:22 AM, [hidden email] wrote:
_______________________________________________ vwnc mailing list [hidden email] http://lists.cs.uiuc.edu/mailman/listinfo/vwnc |
«
Return to VisualWorks
|
1 view|%1 views
| Free forum by Nabble | Edit this page |