[smartmontools-support] Virus detected in automated builds
Adam Piggott
adam at proactiveservices.co.uk
Tue Jan 22 12:55:35 CET 2019
On 21 January 2019 07:33:30 GMT+00:00, Peter Ohlerich <Peter.Ohlerich at uni-bielefeld.de> wrote:
>https://655-105252244-gh.circle-artifacts.com/0/builds/smartmontools-win32-setup-7.1-r4891.exe
>)
>and my AV scanner detected a virus in the downloaded file.
>
>Virustotal has 21 of 68 engines detecting a virus
>
>https://www.virustotal.com/#/file/6334ca3b90f2481d1be8c3e8456f0f903e7cc5fab7cd3a7351be801ad0fbe8a8/detection
>
>When manually extracting the files from the archive via 7-Zip, the
>extracted files are not detected individually. Can you clarify whether
>this is a false positive?
Excepting the Cylance, Ahnlab and Cybereason engines (they seem to false positive with excessive frequency; I place no stock in them) it looks like the 64-bit smartd.exe is causing the fuss:
https://www.virustotal.com/en/file/447aca13dbe21d749f33df9fdf7db8a1bbb526910c8097a9b9524398a4c2269a/
Whether it's a false positive or not I cannot comment. However, when I've come across FPs against open source software before, McAfee often tags it as "Artemis", which it has done in this case.
--
Adam Piggott, Proprietor, Proactive Services (Computing)
https://proactiveservices.co.uk/
Sent on the move. Please excuse my brevity.
More information about the Smartmontools-support
mailing list