tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Konstantin Kolinko <knst.koli...@gmail.com>
Subject Re: Detected malware in the download of Tomcat 6.0.30
Date Thu, 27 Jan 2011 13:37:46 GMT
2011/1/27 Barry Kortekaas <Barry.Kortekaas@swfwmd.state.fl.us>:
> I am receiving a virus detection in the download of apache-tomcat-6.0.30-windows-x64.zip
(MD5 - 03416951ad4094d1f0de1c55cf9180c1) from different mirrors.
>
> www.takeyellow.com<http://www.takeyellow.com>
> www.eng.lsu.edu<http://www.eng.lsu.edu>
> mirrors.devlib.org
> apache.ziply.com
> www.reverse.net<http://www.reverse.net>
>
> Virus total has 3 engines detecting "W32/Nebuler.E.gen!Eldorado" and "Riskware".
>
> http://www.virustotal.com/file-scan/report.html?id=12dcd961346fc39ee6287bf819d2f7267b0698a7d95df35c0da53aa4853e04a8-1296130008
>
>
>               I have run the download through Vipre (defs 8212) and ESET NOD32
(defs 5823) but received no detections.  Is this a false positive and is the download safe?
>

It barks at tomcat6w.exe which is renamed prunmgr.exe from
commons-daemon 1.0.5 from
http://www.apache.org/dist/commons/daemon/binaries/1.0.5/windows/commons-daemon-1.0.5-bin-windows.zip

Analysis:
http://www.virustotal.com/file-scan/report.html?id=2e114a9fbfd11137e8efb291aec0b1ddd3c0ccc16415904d34358e1504309044-1295963193

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message