search

jwtrtrent / pythonxy

Automatically exported from code.google.com/p/pythonxy
0 stars 0 forks source link

Chrome reports "Python(x,y)-2.7.6.0.exe is malicious, and Chrome has blocked it." #728

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
I realize this isn't a Python(x,y) problem, but it could be considered an 
installation issue. I don't recall seeing the same message when I installed 
(x,y) on another machine a few months ago.

Google Chrome   33.0.1750.154 (Official Build 257193) m
OS  Windows 

Error details: 
https://support.google.com/chrome/answer/4412392?p=ib_download_blocked&rd=1

Original issue reported on code.google.com by st4r...@gmail.com on 16 Apr 2014 at 3:26

GoogleCodeExporter commented 9 years ago 
I get the same message on windows 8.1 using chrome.

Original comment by andyme...@gmail.com on 22 Apr 2014 at 8:08

GoogleCodeExporter commented 9 years ago 
I have this problem, too. What should I do?

Original comment by Tatp...@gmail.com on 22 Apr 2014 at 4:14

GoogleCodeExporter commented 9 years ago 
For reference, I downloaded the file from both mirrors, both have MD5 
a01fec06a42d77d485c6e40c2c7c8ad9

Original comment by ays...@gmail.com on 25 Apr 2014 at 12:26

GoogleCodeExporter commented 9 years ago 
Google Chrome     Version 34.0.1847.116 m
OS Windows 7 Enterprise SP1

Original comment by sants...@gmail.com on 25 Apr 2014 at 3:13

GoogleCodeExporter commented 9 years ago 
2.7.6.1 will be released shortly.

I'll try to get a windows developer certificate to avoid such situations - but 
it isn't cheap.

Original comment by grizzly.nyo on 29 Apr 2014 at 4:20

GoogleCodeExporter commented 9 years ago 
You do not need a windows developer certificate. You can simply request a 
malware review from Google, see 
https://support.google.com/webmasters/answer/168328. Takes 48 hours.

Original comment by gustav.d...@gmail.com on 2 May 2014 at 1:33

GoogleCodeExporter commented 9 years ago 
Yes I'm aware of that. I just looking for a way to prevent such incidents in 
the future.

It is not the first time XY was flagged as malware.

Original comment by grizzly.nyo on 3 May 2014 at 10:33

GoogleCodeExporter commented 9 years ago 
Unfortunately since the "malware" links our offsite I can't submit them for 
review :(

Original comment by grizzly.nyo on 10 May 2014 at 5:12

GoogleCodeExporter commented 9 years ago 
Is it possible to host the file temporarily on a site where you do have such 
access?  (Presuming that the malware filter is by-hash and not by-URL.)

Original comment by ays...@gmail.com on 20 May 2014 at 8:46

GoogleCodeExporter commented 9 years ago 
Issue 737 has been merged into this issue.

Original comment by grizzly.nyo on 27 May 2014 at 3:04

GoogleCodeExporter commented 9 years ago 
This is just to confirm that Python(x,y)-2.7.6.1.exe also triggers the same 
complaint from Chrome, but the download can still be recovered if you tell 
Chrome to 'hurt me plenty' and accept the risk.  Thank you for your continued 
efforts with Pythonxy.

Original comment by Keith56J...@gmail.com on 1 Jun 2014 at 12:37

GoogleCodeExporter commented 9 years ago 
What about the University of Kent Mirror?
What AV SW is installed?

Original comment by grizzly.nyo on 1 Jun 2014 at 4:05

GoogleCodeExporter commented 9 years ago 
The other mirrors are NOT flagged as Malware.

I've requested help in the forums.

I'll take the mirror down for now.

Original comment by grizzly.nyo on 1 Jun 2014 at 5:57

GoogleCodeExporter commented 9 years ago 
This is just to confirm that I failed to download Python(x,y)-2.7.6.1.exe from 
either mirror due to a "malware" detected by avast. If I switch avast off, the 
download is  interrupted both in Chrome or IE.

Original comment by akost...@gmail.com on 7 Jun 2014 at 5:51

GoogleCodeExporter commented 9 years ago 
I've managed to download Python(x,y)-2.7.6.1 with a different PC on Windows 7, 
however, my avast still reports the .exe file as infected with Win32 Dropper 
gen: https://au.answers.yahoo.com/question/index?qid=20140213060418AAxdIqn
I am now reluctant to run the install. Should I ignore it as false positive? 
What other anti-virus software report?

Original comment by akost...@gmail.com on 7 Jun 2014 at 7:58

GoogleCodeExporter commented 9 years ago 
It seems like a false positive - see:
https://www.virustotal.com/en/file/761c7bb7e7b12e3a9cd535290d7df704a202cc6b4330a
08e1ed3350b74f117e1/analysis/1402239893/

I've submitted a false positive report which hopefully will clear things up.

Original comment by grizzly.nyo on 8 Jun 2014 at 3:08

GoogleCodeExporter commented 9 years ago 
Issue 740 has been merged into this issue.

Original comment by grizzly.nyo on 8 Jun 2014 at 3:09