Re: Haskell Platform 8.2.2 - virus?

This wouldn't be the first time some program that uses heuristic execution patterns to detect malware decided it didn't like the STG. On Thu, Dec 28, 2017 at 4:15 PM, Matthew Lamari wrote:

The site gave me the 5ffdaa sha256 you have below for touchy.exe.

That said, I still have the 2 builds yield different results from Hitman Pro on the clean boxes. And Bitdefender, on my machine, (albeit being obtuse) chucks a fit over it. It doesn't detect the EXE files; but detects secondary consequences of them running.

*I really think something is afoot here.*

On 12/28/2017 3:00 PM, lonetiger@gmail.com wrote:

Upload one of the binaries it flagged to https://www.virustotal.com/en/ and send the link.

As far as I can tell, they’re all clean

https://www.virustotal.com/en/file/9cc2a6032dde8d8ab572f949104124 2ab4c76d2b7d36eea5283c82cf9bf9fd69/analysis/

https://www.virustotal.com/en/file/5ffdaa7da4381637ab2a0ec327118c d933398a477430e2f5d94e9d53c53f2782/analysis/

*From: *Matthew Lamari *Sent: *Thursday, December 28, 2017 20:29 *To: *ghc-devs@haskell.org *Subject: *Haskell Platform 8.2.2 - virus?

New Haskell install was tripping my Bitdefender like crazy and in weird

ways - not new as that's how bitdefender rolls. However, I retested in a

clean test, with (free) Hitman Pro

I started from a base case with 2 clean windows 8 VMs.

New 8.2.2 install - has virus

Old 8.0.2 Jan 2017 - no virus

According to Hitman Pro, touchy.exe, haddock-8.2.2, ghc-8.2.2.exe, and

unlit.exe have some problem post-install. I went no further on the VMs.

"Detection Names

Kaspersky Trojan-Downloader.Win32.Paph.fsv

"

Bitdefender didn't get it on install but would lock the whole thing down

on the first run of "Cabal".

_______________________________________________

ghc-devs mailing list

ghc-devs@haskell.org

http://mail.haskell.org/cgi-bin/mailman/listinfo/ghc-devs

_______________________________________________ ghc-devs mailing list ghc-devs@haskell.org http://mail.haskell.org/cgi-bin/mailman/listinfo/ghc-devs

-- brandon s allbery kf8nh sine nomine associates allbery.b@gmail.com ballbery@sinenomine.net unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net