avast tells me ocaml installer is trojan. #17

Closed
mnru opened this Issue Oct 1, 2012 · 11 comments

Projects

None yet

7 participants

@mnru
mnru commented Oct 1, 2012

I don't know where to report my trouble,but according to avast anti virus,the file I got from the URL

http://gallium.inria.fr/~protzenk/caml-installer/ocaml-4.00.0-i686-mingw64.exe

is infected by trojan. Is it really?

@protz
Owner
protz commented Oct 1, 2012

It's not, it's just that avast is over-zealous...

On Mon 01 Oct 2012 03:10:58 PM CEST, mnr_u wrote:

I don't know where to report my trouble,but according to avast anti
virus,the file I got from the URL

http://gallium.inria.fr/~protzenk/caml-installer/ocaml-4.00.0-i686-mingw64.exe
http://gallium.inria.fr/%7Eprotzenk/caml-installer/ocaml-4.00.0-i686-mingw64.exe

is infected by trojan. Is it really?


Reply to this email directly or view it on GitHub
#17.

@mnru
mnru commented Oct 2, 2012

http://forum.avast.com/index.php?topic=106465.0

I posted this issue to Japanese avast user forum and got reply.

I think the possibility of infection is not low.

@protz
Owner
protz commented Oct 2, 2012

I compiled camlp4o.exe, camlp4orf.exe and tkcompiler.exe myself, and I
can assure you that these are just regular executables that are part of
the OCaml distribution. Since these are bytecode executables, there may
be code that looks suspicious: the bytecode data is appended at the end
of the executable, and the runtime system uses it to run the program,
so I don't know how an antivirus analyzes such a program...

On Tue 02 Oct 2012 07:58:04 PM CEST, mnr_u wrote:

http://forum.avast.com/index.php?topic=106465.0

I posted this issue to Japanese avast user forum and got reply.

I think the possibility of infection is not low.


Reply to this email directly or view it on GitHub
#17 (comment).

@marcdexet

I got the same problem with Symantec
Detected Trojan.ADH

@protz
Owner
protz commented Dec 4, 2012

If you could submit a false positive report to Symantec that'd be great.

Thanks,

jonathan

On Tue 04 Dec 2012 04:55:20 PM CET, Marc DEXET wrote:

I got the same problem with Symantec
Detected Trojan.ADH


Reply to this email directly or view it on GitHub
#17 (comment).

@marcdexet

Report to Symantec done.

@marcdexet

Ocaml in a whole is considered as a virus :(

@doubleffect

So far I have sadly not found a single anti-virus that wouldn't report OCaml as a virus. I reported it as a false positive to Avast too. The only solution is to add an exception after installation for the folder containing OCaml, I guess, other than switching to Unix-based OS. :/

@crufter
crufter commented Jan 7, 2013

Avast whines for me too.

I think the download pages should mention it, I bet a lot of newbies are being scared away.

@aalexand

I got complaint from McAfee anti-virus on OCaml installer too:

tmpimg00

@thelema
thelema commented Jan 12, 2013

https://www.techsupportalert.com/content/how-report-malware-or-false-positives-multiple-antivirus-vendors.htm
If someone can try these instructions to submit the installer as a false
positive, it will help us all.

On Sat, Jan 12, 2013 at 2:00 AM, aalexand notifications@github.com wrote:

I got complaint from McAfee anti-virus on OCaml installer too:

[image: tmpimg00]https://f.cloud.github.com/assets/1519040/61772/c88d33ec-5c85-11e2-855c-841888392603.png


Reply to this email directly or view it on GitHubhttps://github.com/protz/ocaml-installer/issues/17#issuecomment-12174704.

@protz protz closed this in 570d4f1 Aug 2, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment