tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ангелин Лалев <>
Subject Re: Re: Avast Antivirus and apache-tomcat-6.0.18.exe
Date Wed, 06 Aug 2008 05:01:09 GMT
Thanks for the fast replies!
I'm going to proceed with installation. 
Maybe Avast guys should be notified, but that must be done from someone 
regular with the project.  

 >-------- Оригинално писмо --------
 >От:  "Len Popp" 
 >Относно: Re: Avast Antivirus and apache-tomcat-6.0.18.exe
 >До: "Tomcat Users List" 
 >Изпратено на: Сряда, 2008, Август 6 03:09:50 EEST

 >2008/8/5 Johnny Kewl :
 >> ----- Original Message ----- From: "Mark Thomas" 
 >> To: "Tomcat Users List" 
 >> Sent: Tuesday, August 05, 2008 11:09 PM
 >> Subject: Re: Avast Antivirus and apache-tomcat-6.0.18.exe
 >>> Mark Thomas wrote:
 >>>> Ангелин Лалев wrote:
 >>>>> Apparently the address is from Bulgarian mirror, where I am
 >>>>> automatically redirected when i load the
 >>>>> The md5 sum is from there too.
 >>>>> If the alert is reproducable on binaries from other mirrors that still
 >>>>> don't mean it's a virus.
 >>>>> I had false warnings with Avast before.
 >>>> Indeed. That is what I am trying to establish.
 >>> I am as sure as I can be that this is a false positive.
 >>> Mark
 >> Hi Mark, I think so to, I scanned the zips, scanned native binaries...
 >> conclude either something has snuck onto the MS build machine, or Avast is
 >> getting it wrong... I believe the later because it doesnt actually identify
 >> the virus, Win32 gen seems to be a generic warning with no description...
 >> But all this doesnt really matter... one cant recommend users ignore it,
 >> Avast is popular... and its just the kind of thing competition will thrive
 >> on... its negative marketing for TC.
 >> It will probably go away with a slight mod to the build and I think it has
 >> to be marked as urgent and the instant the next build is ready, its
 >> replaced.
 >> I would actually remove it... just the Win32 service... the zip is fine.
 >> Regards
 >> JK
 >I agree that a false positive from Avast shouldn't be ignored, but I
 >think the correct solution is for someone to contact Avast
 >and ask them to either explain what the problem is or remove Tomcat
 >from their virus definitions.
 >Sometimes the problem is caused by the installer program. There have
 >been cases where the anti-virus guys mistakenly extract a signature
 >from the installer program rather than the from the malware itself,
 >which causes false positives on other programs using the same
 >installer. Just a guess, but it seems likely here because Tomcat uses
 >the popular open-source Nullsoft installer.

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message