Potential malware on the zip file

[rafamvc]

While doing a install on a computer with antivirus, it showed that this file contains malware.

Here is a online scan of the file:

https://www.virustotal.com/en/file/62e9f6fa2d808dc400c8a1b77a96e7d20b5640e8ca3c4b8ea8dc0566485e17bc/analysis/1362801198/

[L2G]

Where did your download come from?

This may be related to #47, but it's hard for me to say as a bystander. Nope. Files are straight outta the GitHub repo.

[rafamvc]

http://cloud.github.com/downloads/adoxa/ansicon/ansi153.zip

[L2G]

Hmmm. Looks like a fair cop to me. SHA256 digest is identical.

Do be mindful of the possibility of false positives, though.

@adoxa??

[rafamvc]

You can rescan your own copy too.

On Mon, Mar 11, 2013 at 3:06 PM, Larry Gilbert notifications@github.comwrote:

Hmmm. Looks like a fair cop to me. SHA256 digest is identical.

@adoxa https://github.com/adoxa??

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/48#issuecomment-14745956
.

[L2G]

Well, I could (and actually, I already did), but all that tells me is the same result that VirusTotal gives for the specific virus scanner I have. :-) (That's McAfee in my case.)

I too have the feeling that the number of hits alone in that report is cause for concern.

Removing those zip and tarball downloads would be done by removing those Git tags, but the files that trigger those virus warnings and that may be infected would still be sitting there in the Git repo. I guess it's up to @adoxa as to how deeply he wants to scrub the repo for old, infected binaries.

[L2G]

By the way, is there a reason you have to use 1.53 instead of the latest (1.61)? Or were you concerned about the virus warnings in general?

[adoxa]

The warnings are caused by ANSI-LLW.exe. 1.60 was an attempt to remove dependence on it, but it failed; 1.61 has gone back to using it, but compiled differently, so the warnings are reduced.