From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	ip-172-31-74-118.ec2.internal
X-Spam-Level: 
X-Spam-Status: No, score=-2.9 required=3.0 tests=BAYES_00,NICE_REPLY_A
	autolearn=ham autolearn_force=no version=3.4.6
Path: eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: Chris Townley <news@cct-net.co.uk>
Newsgroups: comp.lang.ada
Subject: Re: gtkada flagged as a trojan by Kaspersky
Date: Sat, 31 Jul 2021 14:37:58 +0100
Organization: A noiseless patient Spider
Message-ID: <se3jnm$vrs$1@dont-email.me>
References: <se1m22$apk$1@dont-email.me> <se34n6$1d1l$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Sat, 31 Jul 2021 13:37:58 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="b4cd9a980d03346cc4dad7bd046dc055";
	logging-data="32636"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX19XKKwY/dD4pyMX9imbxPfpdIGWeLkFCGc="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
 Thunderbird/78.12.0
Cancel-Lock: sha1:2tA4/U2su2ZX3lWk1cCjNLDBIpI=
In-Reply-To: <se34n6$1d1l$1@gioia.aioe.org>
Content-Language: en-GB
Xref: reader02.eternal-september.org comp.lang.ada:62467
List-Id: <comp.lang.ada>

On 31/07/2021 10:21, Dmitry A. Kazakov wrote:
> On 2021-07-30 22:05, Chris Townley wrote:
>> Just tried to download gnat-1021 and gtkada-2021 for Win64, but 
>> Kaspersky just deletes it with the following report:
>>
>> Event: Malicious object detected
>> User: GONDOLIN\chris
>> User type: Active user
>> Application name: chrome.exe
>> Application path: C:\Program Files (x86)\Google\Chrome\Application
>> Component: File Anti-Virus
>> Result description: Detected
>> Type: Trojan
>> Name: UDS:Trojan.Win32.Generic
>> Precision: Exactly
>> Threat level: High
>> Object type: File
>> Object name: gtkada-2021-x86_64-windows64-bin.exe
>> Object path: V:\WInusr\chris\downloads
>> MD5: D60E573005450391B12CAB1966F89703
>> Reason: Cloud Protection#
>>
>> Has anyone seen this - is it a Kaspersky issue, or has it been 
>> compromised?
> 
> Not this, but my installer packed by INNO Setup were falsely flagged by 
> some antivirus. So possibly, it is just self-extracting mechanics that 
> triggers false alarm.
> 
> I am PC anti-vaxxer (:-)), but if you are paranoid, create a Windows 
> virtual machine and install GNAT and then GtkAda there. Copy C:\GtkAda 
> to your working machine, scan it for viruses. That would effectively 
> install it without running the installer.
> 

Thanks - that is an option. I suppose I could build from source, but not 
sure about my ability! Might give that a try.

I think I will get onto Kaspersky first - see what they say...

-- 
Chris