search

gatech-csl / jes

The Jython Environment for Students allows students to write Jython programs that can manipulate pictures, sounds, and videos.
http://mediacomputation.org/
60 stars 38 forks source link

jes.exe is being recognized as Trojan.Gen.8 #105

Open MStokholm opened 7 years ago

MStokholm commented 7 years ago

I analyzed jes.exe after it blocked by my anti-virus and several other suits are recognizing jes.exe as a virus.

https://www.virustotal.com/en/file/61136fbc8747e5b2ade702a3790f31c5e3378e0fd646c4a0647b34910a19d59f/analysis/1486141755/

mjguzdial commented 7 years ago

I've checked across six universities now. No one else is seeing this on their computers or their students' computers. Perhaps JES.exe became infected on your computer?

From: MStokholm notifications@github.com Sent: Friday, February 03, 2017 12:35:21 PM To: gatech-csl/jes Cc: Subscribed Subject: [gatech-csl/jes] jes.exe is being recognized as Trojan.Gen.8 (#105)

I analyzed jes.exe after it blocked by my anti-virus and several other suits are recognizing jes.exe as a virus.

https://www.virustotal.com/en/file/61136fbc8747e5b2ade702a3790f31c5e3378e0fd646c4a0647b34910a19d59f/analysis/1486141755/

- You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/gatech-csl/jes/issues/105, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AELfptiHQ3jawEjfXpJPxeGjCLVFT1N6ks5rY2VZgaJpZM4L2mUq.

MStokholm commented 7 years ago

I know its a weird problem. I tested it with Virustotal, a collection of many different antivirus definition repositories, and it shows which repositories are treating jes like a trojan. I guess they define its behavior as being similar to Win32.Trojan.WisdomEyes. A week ago I was using it just fine, there wasn't any issue, and now, when I tried to install it from the GitHub repository on my new laptop and my anti-virus is sending up high security risk flags. I am using Norton, the same anti-virus that I had on my previous laptop (no problems with jes before). I know it's unlikely, but it there any way for a trojan to invade the github release? Not trying to be a hassle but far stranger things have happened and I just want to be security conscious before I add an exception for jes. If a trojan did hijack the installer, then I'd hate to give it access in my system.

mjguzdial commented 7 years ago

The first thing I checked was whether the files in the JES release had been updated on Github, and as far as I can tell, they have not since May when I posted the release.

On Feb 3, 2017, at 10:35 PM, MStokholm notifications@github.com<mailto:notifications@github.com> wrote:

I know its a weird problem. I tested it with Virustotal, a collection of many different antivirus definition repositories, and it shows which repositories are treating jes like a trojan. I guess they define its behavior as being similar to Win32.Trojan.WisdomEyes. A week ago I was using it just fine, there wasn't any issue, and now, when I tried to install it from the GitHub repository on my new laptop and my anti-virus is sending up high security risk flags. I am using Norton, the same anti-virus that I had on my previous laptop (no problems with jes before). I know it's unlikely, but it there any way for a trojan to invade the github release? Not trying to be a hassle but far stranger things have happened and I just want to be security conscious before I add an exception for jes. If a trojan did hijack the installer, then I'd hate to give it access in my system.

— You are receiving this because you commented. Reply to this email directly, view it on GitHubhttps://github.com/gatech-csl/jes/issues/105#issuecomment-277415575, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AELfpjKejmhdy-e64pLBryHz7zOTaKWUks5rY_H4gaJpZM4L2mUq.