Quantcast

miktex update flagged as containing malware - false positive or not?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

miktex update flagged as containing malware - false positive or not?

Barraclough, Dominic (ext. 414)
Hi

Before approaching my companies IT people (not the most light hearted and easy going group) I'm seeking help on the following.

I have very recently installed Miktex on a win 7 system and now wish to perform an update on the installation, however it appears that the antivirus software running on all incoming downloads is flagging the update as containing a possible virus. I'm assuming that this is a false positive. Can any body through any light on this issue? Additional information could improve my case with the IT department to have the file download unblocked.

For what its worth, the scanner provide the following rather cryptic feed back
Virus/PUS: "PUS:Downloader.Win32.DownMan.hl" found!
URL: http://www.pirbot.com/mirrors/ctan/systems/win32/miktex/tm/packages/miktex-bin-2.9.tar.lzma

Dominic
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Q: How can I leave the mailing list?
A: See http://docs.miktex.org/faq/support.html#leavingml
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: miktex update flagged as containing malware - false positive or not?

George N. White III
On Fri, Nov 11, 2016 at 10:31 AM, Barraclough, Dominic (ext. 414) <
[hidden email]> wrote:

> Hi
>
> Before approaching my companies IT people (not the most light hearted and
> easy going group) I'm seeking help on the following.
>
> I have very recently installed Miktex on a win 7 system and now wish to
> perform an update on the installation, however it appears that the
> antivirus software running on all incoming downloads is flagging the update
> as containing a possible virus. I'm assuming that this is a false positive.
> Can any body through any light on this issue? Additional information could
> improve my case with the IT department to have the file download unblocked.
>
> For what its worth, the scanner provide the following rather cryptic feed
> back
> Virus/PUS: "PUS:Downloader.Win32.DownMan.hl" found!
> URL: http://www.pirbot.com/mirrors/ctan/systems/win32/miktex/tm/p
> ackages/miktex-bin-2.9.tar.lzma


1.  Enter the URL at https://www.virustotal.com and print the results to
PDF so you can attach them to your IT ticket.

2.  A malware site may detect access from virustotal and provide an
uninfested file, or something close to your PC could be redirecting http
URL's to bad sites. Try to download the same file from a CTAN mirror at a
major university using rsync if possible, otherwise, use ftp.  If the AV
scanner gives the same response, chances are high that you have a false
positive.

MiKTeX is quite widely used.  Most AV vendors act quickly to eliminate
false positives, so the problem may go away in a few days even if you do
nothing.

--
George N. White III <[hidden email]>
Head of St. Margarets Bay, Nova Scotia
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Q: How can I leave the mailing list?
A: See http://docs.miktex.org/faq/support.html#leavingml
Loading...