Thank you for pointing this out. For what it's worth, I assure you it's clean :) I did some Googling, it seems antivirus programs have been flagging executables compressed with UPX <http://upx.sourceforge.net/> as being trojans. I updated my AutoHotkey I've been using to compile meld.exe and meldc.exe, the new version now uses MPRESS for compression instead of UPX. When I re-ran the scan with the recompiled versions, it looked cleaner, but there were engines that kept timing out<https://www.virustotal.com/en/file/2a5caa98fd1bffdfb7bb19c470e03b4b651139c11b25154dfee0352ef30c8146/analysis/1391393491/>. But when I ran the scan on just meld.exe, only Rising and VBA32 complained<https://www.virustotal.com/en/file/c190ff3c13cbde4df3d58f0fa26db97e909e1160ad55dff3cb7ace113500c4d5/analysis/1391394532/> so I think I'm on to something here. Could you see if you are able to get a complete result with the test versions I've uploaded here: https://sourceforge.net/projects/meld-installer/files/Testing/? If it looks like this improves the false positives (which given what I saw with meld.exe results, it should) I'll go ahead and move these out of testing as an official release.
-Keegan On Sun, Feb 2, 2014 at 5:19 PM, Michael Mientus <[email protected]>wrote: > I have not had a problem with the Windows installer from SourceForge. > > > > http://sourceforge.net/projects/meld-installer/ > > > > You might open a ticket with your vendor to have them take a look at it. > And make an exception in your antivirus software as a workaround. > > > > Mike > > > > > > *From:* meld-list [mailto:[email protected]] *On Behalf Of *Matias > N. Goldberg > *Sent:* Sunday, February 02, 2014 1:45 PM > *To:* [email protected] > *Subject:* [Windows] ClamAV detects Meld as a Trojan. > > > > Hi everyone! > > > > I'm new to this newslist. Please, excuse me if I'm in the wrong place. > > > > I've subscribed just to report that ClamAV detects "meld-1.8.4.0.exe" as a > Trojan: > > > > D:\Downloads\meld-1.8.4.0.exe: Win.Trojan.Autoit-734 FOUND > > > > I downloaded the Zip version and the problem persisted: > > D:\Downloads\meld-1.8.4.0\meld\meld.exe: Win.Trojan.Autoit-734 FOUND > > D:\Downloads\meld-1.8.4.0\meld\meldc.exe: Win.Trojan.Autoit-734 FOUND > > ----------- SCAN SUMMARY ----------- > > Known viruses: 3099685 > > Engine version: 0.98 > > Scanned directories: 771 > > Scanned files: 12171 > > Infected files: 2 > > > > I uploaded the file meld.exe to virustotal.com 5/49 and out of them > reported as Trojan: > > > > Antivirus Result > > Update > > Kingsoft Win32.Troj.IAgent.wt.(kcloud) 20130829 > > McAfee-GW-Edition Heuristic.BehavesLike.Win32.ModifiedUPX.C > 20140202 > > Rising PE:Spyware.KeyLogger!1.9F7B > 20140202 > > TheHacker Trojan/AutoHK.ed > 20140202 > > TrendMicro-HouseCall TROJ_GEN.F47V1205 20140202 > > > > Interestingly their ClamAV didn't detect it (my definitions are up to > date). > > > > I did not research into whether this is a false positive or actual > infected files. > > Looks like I will have to try compiling from source, which doesn't look > straightforward. > > > > Cheers > > Matias > > > > IMPORTANT: > The information contained in this email may be commercially sensitive > and/or legally privileged. > It is intended solely for the person(s) to whom it is addressed. If the > reader of this message is not the intended recipient, you are on notice of > its status and hereby notified that your access is unauthorized, and any > review, > dissemination, distribution, disclose or copying of this message including > any attachments is strictly prohibited. > Please notify the sender immediately by reply e-mail and then delete this > message from your system. > > > > _______________________________________________ > meld-list mailing list > [email protected] > https://mail.gnome.org/mailman/listinfo/meld-list >
_______________________________________________ meld-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/meld-list
