OK, the alerts are referring to the .exe and are not associated with any particular data download. In that case, for those of you running the Windows 4.15 app, you could check the MD5 checksum of the file that your AV is complaining about against the MD5 checksum for the same file from the beta test page. You will find that the zip archive for Windows 4.15 is still there and so you could download it and check the .exe it contains against your current .exe. There are freeware MD5 checksum generators around - just google for md5summer for example.
It would be very useful to know if the MD5 checksum is different or not.
EDIT:
I've just done this one one of my machines. In my case the two MD5 checksums are the same. The value I get is:-
Let's hope so. As Jord correctly surmised, it would appear to be a false positive. I guess the lesson for all of us is to find ways to confirm or negate our fears before taking any precipitate action. MD5 checksums make such checking relatively easy.
In the past other virus scanners have also shown that some project's applications 'were infected'. The infection only showed in that one virus scanner with a latest update on virus signatures. Due to the way that the application checks for specific data strings and the heuristics scan of the AV scanner, it can be picked up as to how a Trojan or worm works.
A check with another scanner (there are some online scans available, just do a Google search) usually reveals no further problems. With the application here being closed source, it's also rather difficult to infect it when just downloading from Einstein.
OK, the alerts are referring
)
OK, the alerts are referring to the .exe and are not associated with any particular data download. In that case, for those of you running the Windows 4.15 app, you could check the MD5 checksum of the file that your AV is complaining about against the MD5 checksum for the same file from the beta test page. You will find that the zip archive for Windows 4.15 is still there and so you could download it and check the .exe it contains against your current .exe. There are freeware MD5 checksum generators around - just google for md5summer for example.
It would be very useful to know if the MD5 checksum is different or not.
EDIT:
I've just done this one one of my machines. In my case the two MD5 checksums are the same. The value I get is:-
4b47581f0f52b0adf6d6d81195e28280
Cheers,
Gary.
Kasperky users see this
)
Kasperky users see this alert:
The Register
Tullio
Hi Gary I proceed to MD5
)
Hi Gary
I proceed to MD5 calculation of the exe file and find the exact same code 4b47581f0f52b0adf6d6d81195e28280.
Surprisingly, Kaspersky answer me they do not detect a problem on the file I sent.
I'll continuing questionning them.
At that time, Kaspersky Labs
)
At that time, Kaspersky Labs seems to have made the necesseray changes in their virus signatures.
Kaspersky support answer no more about this problem.
The incident appears to be wound up.
I wish everyone to spend happy festive season.
RE: The incident appears to
)
Let's hope so. As Jord correctly surmised, it would appear to be a false positive. I guess the lesson for all of us is to find ways to confirm or negate our fears before taking any precipitate action. MD5 checksums make such checking relatively easy.
Cheers,
Gary.
In the past other virus
)
In the past other virus scanners have also shown that some project's applications 'were infected'. The infection only showed in that one virus scanner with a latest update on virus signatures. Due to the way that the application checks for specific data strings and the heuristics scan of the AV scanner, it can be picked up as to how a Trojan or worm works.
A check with another scanner (there are some online scans available, just do a Google search) usually reveals no further problems. With the application here being closed source, it's also rather difficult to infect it when just downloading from Einstein.