You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Nov 20, 2020. It is now read-only.
Avast Anti-virus reports Win32:Evo-gen in wxlua.exe in LuaDist-batteries-0.9.7-Windows-mingw32.zip (Windows 32bit LuaDist batteries-0.9.7 15.5MB Uploaded on Oct 23, 2012)
#200
Open
SlySven opened this issue
Aug 3, 2014
· 5 comments
Are you sure the file has not been contaminated after download? Here are the VirusTotal results for the download URL.
EDIT: Ah, I see the scanners used work directly with the URL. Ignore my post. However there have been some false positives reported before, the "Kazy" reports are new.
Something is weirdly amiss, using a different PC which is a GNU/Linux box to download the file and upload it to VirusScan using the "scan a local file" I get the same sort of virus detections (https://www.virustotal.com/en/file/5ad82d72dca6229fdde4a05cf05f4a74a1eba90d2eadbd0571cce9b470ab37a7/analysis/) but feeding VirusScan with the URL of the file on GitHub produces a clean result as you reproduce. Unfortunately Jotti only works with uploaded files. I will be doing a full boot scan on the original Windows PC I used to see if the problem is my end...
Interesting indeed, as the download link is HTTPS it is much more likely that the machine is infected. Please re-check the file after download, the MD5 check-sum should be 1aede8c7c6791cd70b4b1092fed43bb1. Please do report back.
I'm seeing that the file LuaDist-batteries-0.9.7-Windows-mingw32.zip of
size 16294628 bytes with a result from md5sum (GNU coreutils version
8.13) of: 5dce017344fce040b2a0c3c28be8716e so something is being
clobbered somewhere, this was obtained from a machine that does not have
a Microsoft Operating System on it...!
On 04/08/14 18:40, Peter Drahoš wrote:
Interesting indeed, as the download link is HTTPS it is much more likely
that the machine is infected. Please re-check the file after download,
the MD5 check-sum should be |1aede8c7c6791cd70b4b1092fed43bb1|. Please
do report back.
—
Reply to this email directly or view it on GitHub #200 (comment).
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I do not know enough to assertain whether this is a false positive or a side effect of what it does...
The text was updated successfully, but these errors were encountered: