Some anti-virus systems are tagging these files as having a virus.
From: Michael Schumacher <schum...@gmx.de> Sent: Wednesday, August 07, 2019 5:04 PM To: Shimon Shore <shim...@most.gov.il>; Shimon Shore via gimp-web-list <gimp-web-list@gnome.org>; gimp-web-list@gnome.org Subject: Re: [Gimp-web] Website gimp.org is marked as Malicious I'm looking at this on my mobile, so browsing these reports is a bit difficult - but I'm not quite able to make out what exactly this service thinks it has found in these files? On 7 August 2019 15:39:50 CEST, Shimon Shore via gimp-web-list <gimp-web-list@gnome.org<mailto:gimp-web-list@gnome.org>> wrote: The report is from Hybrid Analysis. I understand the point about the hash files but there are quite a few other files that are suspicious and possibly infected. Thank you for the VirusTotal report. Do you have any other reports that might help our cyber security group? -----Original Message----- From: gimp-web-list <gimp-web-list-boun...@gnome.org<mailto:gimp-web-list-boun...@gnome.org>> On Behalf Of Alexandre Prokoudine via gimp-web-list Sent: Wednesday, August 07, 2019 11:59 AM To: gimp-web-list@gnome.org<mailto:gimp-web-list@gnome.org> Subject: Re: [Gimp-web] Website gimp.org is marked as Malicious On Wed, Aug 7, 2019 at 11:17 AM Shimon Shore via gimp-web-list wrote: Hello, I am interested in using Gimp in our organization. In order to get approval from our cyber security unit they tested your website on Hybrid Analysis which marks it as Malicious - https://www.hybrid<https://smex-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2fwww.hybrid&umid=0cd3725f-a033-43a6-9702-83a9dc7b0d1c&auth=0552f576ef9cbf8536bffd6744e6f7ca40c5738b-a717d8ce79677359a7f421ecb1ea4ff1abb70987>- analysis.com/sample/4d31ab35224693e07ef33b7c97ffa09 962ec205a86fd16af03e246ebd374da1e One of the main problems is that many of the files on your server failed virus scans as seen below. Can you look into/fix the problem with infected files on your server? Hello Shimon, I'm looking at the generated report with one eyebrow up and a stupid grin on my silly face because it tells me, among other things, that several AV tools flagged SHA256 hash files as malicious :) Are your CS guys aware of false positives? How about testing the latest build for Windows? https://www.virustotal.com/gui/file/90038ea1895b2fe2a63fe6f69fc2115161b 9af6a509e96ee08371138260de45e/detection Alex ________________________________ gimp-web-list mailing list gimp-web-list@gnome.org<mailto:gimp-web-list@gnome.org> https://mail.gnome.org/mailman/listinfo/gimp-web-list ________________________________ gimp-web-list mailing list gimp-web-list@gnome.org<mailto:gimp-web-list@gnome.org> https://mail.gnome.org/mailman/listinfo/gimp-web-list -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ gimp-web-list mailing list gimp-web-list@gnome.org https://mail.gnome.org/mailman/listinfo/gimp-web-list