Dear Sumatra developers,
10 minutes ago I was trying to install Sumatra instead of Evince (Evince has some issues managing postscript files).
After the Sumatra zip extraction, Avira realtime protection found a trojan TR/ATRAPS.Gen in the \bin\ksigncmd.exe file.
Dunno if it it's a real issue or a false positive.
To complete the information, the file I've just downloaded and where Avira had found the trojan:
http://code.google.com/p/sumatrapdf/downloads/detail?name=SumatraPDF-2.1.1-source.zip
I dont want absolutly be alarming, but I think it could be advisable to do a little check in the next times...
thanks in advance,
Gabriele Motta
Sumatra PDF Reader forum
Small, fast, free PDF, EPUB, MOBI, CHM, DJVU, CBR, CBZ reader for Windows
Probable Trojan found
Gabriele Motta on July 10, 2012
Thanks for the report. That file is however clean - provided that it hasn't been modified during your download:
https://www.virustotal.com/file/0269d61f13d3c6c973bdb901008796fa7e4e7b64e9a7bfdd60938d49963b11bd/analysis/
You're options are to either report this false-positive to Avira so that they can fix their software or to move to a more reliable anti-virus solution (or to just delete that one file, as you won't be needing it anyway).
BTW: You don't really need SumatraPDF's source files at all, if you just want to install and use the software. For that case, you'll find a pre-built installer at SumatraPDF's homepage at http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html
https://www.virustotal.com/file/0269d61f13d3c6c973bdb901008796fa7e4e7b64e9a7bfdd60938d49963b11bd/analysis/
You're options are to either report this false-positive to Avira so that they can fix their software or to move to a more reliable anti-virus solution (or to just delete that one file, as you won't be needing it anyway).
BTW: You don't really need SumatraPDF's source files at all, if you just want to install and use the software. For that case, you'll find a pre-built installer at SumatraPDF's homepage at http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html
zeniko on July 10, 2012
Hi Zeniko,
I was just reading this thread, and I went to the virus total link as posted, and it shows 5 or so instances of trojan or malware. Is it supposed to show that, as I thought it was just the op's antivirus program.
thanks!
I was just reading this thread, and I went to the virus total link as posted, and it shows 5 or so instances of trojan or malware. Is it supposed to show that, as I thought it was just the op's antivirus program.
thanks!
guest523 on July 13, 2012
guest523: Multiple anti-virus solutions get this one wrong. Unfortunately, that's quite normal.
zeniko on July 15, 2012
Ah! Thank you!
guest523 on July 16, 2012
Same result. Using Norton.
Why is there an '.exe' in the source?
.exe == binary
source == uncompiled code
When I write a program the source is pure text. No executables whatsoever...
So what's the deal?
Any devs know what signcmd.exe does?
Why is there an '.exe' in the source?
.exe == binary
source == uncompiled code
When I write a program the source is pure text. No executables whatsoever...
So what's the deal?
Any devs know what signcmd.exe does?
slhac on July 22, 2012
ksigncmd.exe and nasm.exe are in the source for convenience so that Visual Studio (Express) is the only requirement for building SumatraPDF.
As for what it does, Google is your friend: http://www.google.com/search?q=ksigncmd.exe
BTW: The reason that all these anti-virus solutions consider ksigncmd.exe suspicious, is simply because that file has been compressed... Feel free to complain to your anti-virus vendor for the inconvenience.
As for what it does, Google is your friend: http://www.google.com/search?q=ksigncmd.exe
BTW: The reason that all these anti-virus solutions consider ksigncmd.exe suspicious, is simply because that file has been compressed... Feel free to complain to your anti-virus vendor for the inconvenience.
zeniko on July 22, 2012
Other recent topics
Reply to this topic