help-octave
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Spyware in Octave


From: dbateman
Subject: RE: Spyware in Octave
Date: Wed, 17 Sep 2008 08:51:15 -0700 (PDT)



Labitt, Bruce wrote:
> 
> I ran the version of sed.exe that installs in c:\Program
> Files\Octave\bin on the scanner below and came up with one of the AV
> programs indicating it was suspicious.
> 
> VirSCAN.org Scanned Report :
> Scanned time   : 2008/09/17 09:43:30 (EDT)
> Scanner results: 3% Scanner(1/36) found malware!
> File Name      : sed.exe
> File Size      : 102400 byte
> File Type      : PE32 executable for MS Windows (console) Intel 80386
> 32-bit
> MD5            : df03c9fb9ebcbf8364cd8874583790b9
> SHA1           : 2b3eebc9994b595ef81a5d684fc87f62e6ba3247
> Online report  :
> http://virscan.org/report/0a85e2e2bb20e977f32ef16548e6393b.html
> 
> Scanner        Engine Ver      Sig Ver           Sig Date    Time   Scan
> result
> a-squared      4.0.0.14        2008.09.16        2008-09-16  1.54   -
> AhnLab V3      2008.09.17.02   2008.09.17        2008-09-17  0.94   -
> AntiVir        7.8.1.28        7.0.6.170         2008-09-17  2.29   -
> Arcavir        1.0.5           200809171009      2008-09-17  1.22   -
> 
> <snip>
> 
> Fortinet       2.81-3.113      9.560             2008-09-17  0.19
> Suspicious
> McAfee         5.3.00          5385              2008-09-16  1.86   -
> Microsoft      1.3903          2008.09.17        2008-09-17  4.54   -
> <snip>
> 

Ok then the fact that only one out of thirty six find it "suspicious" is a
pretty good indication of a false positive on the part of your spyware
scanner. Note that the above scanner in fact runs all of the major malware
scanners against the same binary, with up to date definition files, so if a 
large percentage of these don't flag something you can safely ignore the
issue.



> sed.exe appears to be installed in two places.  The 100K file is in the
> Octave\bin directory.  There is also another sed.exe that is installed
> in the Octave\mysys\bin directory which is only 47K.  Only the
> Octave\bin\sed.exe is flagged as being suspicious.
> 

Not sure why Michael included a second version. Perhaps he built his own
MSVC sed in octave/bin/sed.exe and the other one just happened to be there,
built with mingw, when he installed msys. You'd have to ask Michael for the
reason.

D.

-- 
View this message in context: 
http://www.nabble.com/Spyware-in-Octave-tp19524451p19535231.html
Sent from the Octave - General mailing list archive at Nabble.com.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]