From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on ip-172-31-74-118.ec2.internal X-Spam-Level: X-Spam-Status: No, score=-2.9 required=3.0 tests=BAYES_00,NICE_REPLY_A autolearn=ham autolearn_force=no version=3.4.6 Path: eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail From: Chris Townley Newsgroups: comp.lang.ada Subject: Re: gtkada flagged as a trojan by Kaspersky Date: Sun, 1 Aug 2021 12:06:08 +0100 Organization: A noiseless patient Spider Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Injection-Date: Sun, 1 Aug 2021 11:06:08 -0000 (UTC) Injection-Info: reader02.eternal-september.org; posting-host="9961f047a185466e05d717181cf57886"; logging-data="3623"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/dk7ay0z1xVdwgYnKUkigT/GRFzZrpQDc=" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.12.0 Cancel-Lock: sha1:4p9CaE0k7UoDMlNVNupcay6OtNE= In-Reply-To: Content-Language: en-GB Xref: reader02.eternal-september.org comp.lang.ada:62472 List-Id: On 31/07/2021 14:37, Chris Townley wrote: > On 31/07/2021 10:21, Dmitry A. Kazakov wrote: >> On 2021-07-30 22:05, Chris Townley wrote: >>> Just tried to download gnat-1021 and gtkada-2021 for Win64, but >>> Kaspersky just deletes it with the following report: >>> >>> Event: Malicious object detected >>> User: GONDOLIN\chris >>> User type: Active user >>> Application name: chrome.exe >>> Application path: C:\Program Files (x86)\Google\Chrome\Application >>> Component: File Anti-Virus >>> Result description: Detected >>> Type: Trojan >>> Name: UDS:Trojan.Win32.Generic >>> Precision: Exactly >>> Threat level: High >>> Object type: File >>> Object name: gtkada-2021-x86_64-windows64-bin.exe >>> Object path: V:\WInusr\chris\downloads >>> MD5: D60E573005450391B12CAB1966F89703 >>> Reason: Cloud Protection# >>> >>> Has anyone seen this - is it a Kaspersky issue, or has it been >>> compromised? >> >> Not this, but my installer packed by INNO Setup were falsely flagged >> by some antivirus. So possibly, it is just self-extracting mechanics >> that triggers false alarm. >> >> I am PC anti-vaxxer (:-)), but if you are paranoid, create a Windows >> virtual machine and install GNAT and then GtkAda there. Copy C:\GtkAda >> to your working machine, scan it for viruses. That would effectively >> install it without running the installer. >> > > Thanks - that is an option. I suppose I could build from source, but not > sure about my ability! Might give that a try. > > I think I will get onto Kaspersky first - see what they say... > Kaspersky replied: > Dear customer, > > Thank you for your continued support. I apologize for my late response. > > We've just received a reply from our Virus Analysts with the following information. > > We like to apologize for the false detection, the fix is deployed on the next database update. > > Thank you for your help and stay safe! > Nice to hear, and a quick fix - great service from them -- Chris