This wouldn't be the first time some program that uses heuristic execution patterns to detect malware decided it didn't like the STG.
On Thu, Dec 28, 2017 at 4:15 PM, Matthew Lamari <[email protected]> wrote: > > The site gave me the 5ffdaa sha256 you have below for touchy.exe. > > That said, I still have the 2 builds yield different results from Hitman > Pro on the clean boxes. And Bitdefender, on my machine, (albeit being > obtuse) chucks a fit over it. It doesn't detect the EXE files; but detects > secondary consequences of them running. > > > *I really think something is afoot here.* > > > > > On 12/28/2017 3:00 PM, [email protected] wrote: > > Upload one of the binaries it flagged to https://www.virustotal.com/en/ > and send the link. > > > > As far as I can tell, they’re all clean > > > > https://www.virustotal.com/en/file/9cc2a6032dde8d8ab572f949104124 > 2ab4c76d2b7d36eea5283c82cf9bf9fd69/analysis/ > > https://www.virustotal.com/en/file/5ffdaa7da4381637ab2a0ec327118c > d933398a477430e2f5d94e9d53c53f2782/analysis/ > > > > *From: *Matthew Lamari <[email protected]> > *Sent: *Thursday, December 28, 2017 20:29 > *To: *[email protected] > *Subject: *Haskell Platform 8.2.2 - virus? > > > > > > New Haskell install was tripping my Bitdefender like crazy and in weird > > ways - not new as that's how bitdefender rolls. However, I retested in a > > clean test, with (free) Hitman Pro > > > > I started from a base case with 2 clean windows 8 VMs. > > > > New 8.2.2 install - has virus > > Old 8.0.2 Jan 2017 - no virus > > > > > > According to Hitman Pro, touchy.exe, haddock-8.2.2, ghc-8.2.2.exe, and > > unlit.exe have some problem post-install. I went no further on the VMs. > > > > "Detection Names > > Kaspersky Trojan-Downloader.Win32.Paph.fsv > > " > > > > Bitdefender didn't get it on install but would lock the whole thing down > > on the first run of "Cabal". > > > > _______________________________________________ > > ghc-devs mailing list > > [email protected] > > http://mail.haskell.org/cgi-bin/mailman/listinfo/ghc-devs > > > > > > _______________________________________________ > ghc-devs mailing list > [email protected] > http://mail.haskell.org/cgi-bin/mailman/listinfo/ghc-devs > > -- brandon s allbery kf8nh sine nomine associates [email protected] [email protected] unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net
_______________________________________________ ghc-devs mailing list [email protected] http://mail.haskell.org/cgi-bin/mailman/listinfo/ghc-devs
