[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] WGET for Windows (win32) - current version: 1.11.4

From: Ángel González
Subject: Re: [Bug-wget] WGET for Windows (win32) - current version: 1.11.4
Date: Thu, 08 Aug 2013 22:49:47 +0200
User-agent: Thunderbird

On Thu, Aug 8, 2013 at 12:21 AM, Andrew McGlashan < address@hidden> wrote:

I had previously downloaded 1.11.4 of wget.exe and have been using it on
a number of machines, recently I downloaded a /fresh/ copy and found it
had a different file size.

These are the files I have:

23/10/2008  09:40 PM           403,968 wget-1-11-4--wrong-md5sum.exe
26/04/2009  01:03 AM           401,408 wget-1-11-4.exe

And these are the md5 checksums

D:\bin>md5sum wget-1-11-4--wrong-md5sum.exe wget-1-11-4.exe
c639f0fc0cbee97148c79d9d9e31fff3 *wget-1-11-4--wrong-md5sum.exe
bd126a7b59d5d1f97ba89a3e71425731 *wget-1-11-4.exe

These links show both versions as having ONE detection of virus:

         Scanner results :   3% Scanner(s) (1/39) found malware!
                    Time :   2008/10/27 01:55:21 (EST)
One scanner found malware for this file in a 2008 scan (Fortinet showed
it as "suspicious"). Later checks -including that scanner- didn't detect anything.

         Scanner results :   3% Scanner(s) (1/37) found malware!
On this one the behavior was the opposite. There were no detections until
Sep 2011, where Rising started detecting it as
Trojan.Win32.Generic.12938BC8 <http://v.virscan.org/Trojan.Win32.Generic.12938BC8.html> This stopped in 2012. Later, in October,
it started appearing due to ClamAV detecting it with its
PUA.Win32.Packer.Upx-28 <http://v.virscan.org/PUA.Win32.Packer.Upx-28.html> signature.This signature is not for a virus [1], it only
shows that the program was compressed using upx (which also explains the
different md5).

An analysis of bd126a7b59d5d1f97ba89a3e71425731 doesn't show any
detection on virustotal:

I don't think it has any virus. But getting a safe copy of the last wget version
would of course be much better :)

1- See «What is PUA? I get a lot of false positives named PUA» on

reply via email to

[Prev in Thread] Current Thread [Next in Thread]