help-octave
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: virus

From: Alexander Barth
Subject: Re: virus
Date: Mon, 8 Jun 2015 21:31:44 +0200


On Mon, Jun 8, 2015 at 8:25 PM, Przemek Klosowski <address@hidden> wrote:
On 06/07/2015 12:34 PM, Marco Atzeri wrote:
On 6/7/2015 6:24 PM, Francis Yee wrote:
Pua.Installcore virus

c/octave/octave-4.0l0/share/nsis/plugininstalloptions.dll


almost sure a false positive.  Specially as the build is done on a Linux system...

Have you tested the file with another antivirus on the web ?
There were several such reports recently; my standard reply is to recommend making sure that the detected file is indeed coming out of  the installer package, identifying the installer and the website it came from, and uploading the suspected file to https://www.virustotal.com/ which reports the combined results from about 50 virus checkers.

Frank---could you please repost with those three pieces of information?


Maybe Francis can also report the check sums of the file he downloaded. I got the following for md5sum and sha1sum:


$ md5sum octave-4.0.0_0-installer.exe
9c8ec07981369245844d85e512525a01  octave-4.0.0_0-installer.exe

$ sha1sum octave-4.0.0_0-installer.exe
2ac25dad06394b7502aefe7feaa02070d74dbd6d  octave-4.0.0_0-installer.exe

It seems that Microsoft has some tools to do this: https://support.microsoft.com/en-us/kb/889768

It was not obvious for me how to use the sig file to validate the installer. Below is what I needed to do. I think it would be good to document this at the download page, as suggested in this bug report (http://savannah.gnu.org/bugs/?36073), especially as sites like sourceforge have a history of bundling dubious software in windows installers (https://mail.gnome.org/archives/gimp-developer-list/2015-May/msg00144.html).

Cheers,
Alex


$ gpg --keyserver hkp://keys.gnupg.net --recv-keys 5D36644B
gpg: keyring `/home/abarth/.gnupg/secring.gpg' created
gpg: requesting key 5D36644B from hkp server keys.gnupg.net
gpg: /home/abarth/.gnupg/trustdb.gpg: trustdb created
gpg: key 5D36644B: public key "John W. Eaton <address@hidden>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1

$ gpg --verify octave-4.0.0_0-installer.exe.sig octave-4.0.0_0-installer.exe
gpg: Signature made Thu 28 May 2015 20:36:42 CEST using DSA key ID 5D36644B
gpg: Good signature from "John W. Eaton <address@hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: DBD9 C84E 39FE 1AAE 99F0  4446 B05F 05B7 5D36 644B






reply via email to
[Prev in Thread] Current Thread [Next in Thread]