[jira] [Comment Edited] (GROOVY-7900) uninstall.exe possibly contains trojan (or false positive)

Fri, 05 Aug 2016 14:40:04 -0700 

    [ 
https://issues.apache.org/jira/browse/GROOVY-7900?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15410117#comment-15410117
 ] 

Keegan Witt edited comment on GROOVY-7900 at 8/5/16 9:38 PM:
-------------------------------------------------------------

It's a false positive, but I'm not sure what options I have other than 
contacting the AV companies and asking them to update their definitions.  I 
tried a fresh build with the new NSIS 3.0 today, and a different set of 3 gave 
[false 
positives|https://www.virustotal.com/en/file/b203cccb8ec3ac7b5888e8bf4bc01e32506bfa1e0f18e869c21e2b91a7482216/analysis/1470432834/].


was (Author: keegan):
It's a false positive, but I'm not sure what options I have other than 
contacting the AV companies and asking them to update their definitions.  I 
tried a fresh build with the new NSIS 3.0 today, and a different set of 3 gave 
[false 
positives\https://www.virustotal.com/en/file/b203cccb8ec3ac7b5888e8bf4bc01e32506bfa1e0f18e869c21e2b91a7482216/analysis/1470432834/]..

> uninstall.exe possibly contains trojan (or false positive)
> ----------------------------------------------------------
>
>                 Key: GROOVY-7900
>                 URL: https://issues.apache.org/jira/browse/GROOVY-7900
>             Project: Groovy
>          Issue Type: Bug
>    Affects Versions: 2.4.7
>         Environment: Windows 10
>            Reporter: Jan-Fabian Humann
>
> I installed groovy windows installer from the official download page:
> http://www.groovy-lang.org/download.html
> Kaspersky Endpoint Security 10 flags uninstall.exe in the groovy folder as 
> Trojan-Ransom.NSIS.Onion.yjd and deletes it.
> To verify I installed groovy in a Windows 10 VM without Kaspersky and 
> uploaded the file to https://www.virustotal.com/ and this is the report I got:
> https://virustotal.com/de/file/a3686f92af80b7ad97c4a36065a9468c90b69479105fcc952c2227cd0c4a5548/analysis/
> 3/55 Anti Virus programs flag this file as virus/suspicious.
> Could you please investigate whether you download server/install program/etc 
> has been compromised or it is a false positive?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to