Author Topic: Virus/Malware in the package?  (Read 17929 times)

blaszta

  • Newbie
  • *
  • Posts: 7
    • View Profile
Virus/Malware in the package?
« on: June 29, 2012, 08:17:07 »
When I try to download 64-bit version (latest), my firewall give this warning:

High Security Alert!!

You are not permitted to download the file "MultiCommander_x64_(2.5.1.1114).exe" because it is infected with the virus "W32/Inject.CEE!tr".

URL = multicommander.com/files/updates/MultiCommander_x64_(2.5.1.1114).exe

File quarantined as: .

http://www.fortinet.com/ve?vn=W32%2FInject.CEE%21tr

Mathias (Author)

  • Administrator
  • VIP Member
  • *****
  • Posts: 4492
    • View Profile
    • Multi Commander
Re: Virus/Malware in the package?
« Reply #1 on: June 29, 2012, 08:29:42 »
You must be getting a false positive.

I have tested it with 3 AntiVirus software and they do not find any problem.

What Antivirus program do you run ?

EST NOD32 - OK
Microsoft Security Essentials - OK
Symantec - OK 
« Last Edit: June 29, 2012, 08:34:44 by Mathias (Author) »

Jungle

  • Contributor
  • VIP Member
  • *****
  • Posts: 556
  • Old Skull
    • View Profile
Re: Virus/Malware in the package?
« Reply #2 on: June 29, 2012, 08:52:55 »
McAfee - OK

Mathias (Author)

  • Administrator
  • VIP Member
  • *****
  • Posts: 4492
    • View Profile
    • Multi Commander
Re: Virus/Malware in the package?
« Reply #3 on: June 29, 2012, 09:21:23 »
Looks like the AV Forti report it as having a virus. (which is false)

And the virus is an old one and only 1 of 42 AV ( https://www.virustotal.com ) software report it as having a problem.
so it is defiantly a false positive error for the Forti AV. Since the virus it reports is old, If it was true that it had that virus then all of the AV software there would report a problem.

Will see if I can find a mail to Forti to let them know about the false positive, So they can update there signatures.

Might be enough to just rebuild the affected file.


Mathias (Author)

  • Administrator
  • VIP Member
  • *****
  • Posts: 4492
    • View Profile
    • Multi Commander
Re: Virus/Malware in the package?
« Reply #4 on: June 29, 2012, 10:23:17 »
The virus is being report for the file : USBStart.dat  (Btw It still does not contain any virus )
(This file is not included in the Update package . only full installer )

This is a small 32kb file that is used to launch MC from USB. (When you install MC on USB you can choose to get a StartMC.exe in the root, that file is USBStart.dat but with the relative path to MC included inside that file)

That file is optimized to be as small as possible. and it is probably why it gets tagged.

Mathias (Author)

  • Administrator
  • VIP Member
  • *****
  • Posts: 4492
    • View Profile
    • Multi Commander
Re: Virus/Malware in the package?
« Reply #5 on: June 29, 2012, 18:52:56 »
I rebuilt and replace the 1114 build with 1115. The false alert is now gone.