Yesterday, 06:14 PM | #1 |
Junior Member
Posts: 2
Karma: 10
Join Date: Sep 2024
Device: none
|
False positive?
I just downloaded the new version of Sigil for Windows (Sigil-2.3.1-Windows-x64-Setup) directly from the official website, before installing it I checked it with VirusTotal and I got a Bkav Pro alert.
Then I downloaded the previous version (Sigil-2.3.0-Windows-x64-Setup) and I didn't get any alert when I checked it. Is it a false positive or a corrupted file? The VT links are: Here the alert is shown Version 2.3.0 Ps. Sorry if this is not the place to ask this question, I am new to everything related to forums . Last edited by Barlow; Yesterday at 06:17 PM. |
Yesterday, 06:57 PM | #2 |
Grand Sorcerer
Posts: 27,881
Karma: 198099188
Join Date: Jan 2010
Device: Nexus 7, Kindle Fire HD
|
It's a false positive. If you're concerned, install Sigil using winget (built into Windows) or Chocolatey. They use the official Sigil installers, but they do their own scanning and vetting. Windows lends a lot of trust to programs installed via those methods.
From an admin prompt (install for all users): winget install -e --id Sigil-Ebook.Sigil --scope machine Or to install for only the current user (no admin needed): winget install -e --id Sigil-Ebook.Sigil --scope user Sigil 2.3.1 has passed winget and Chocolatey's anti-malware scans with no problems. They both also verify checksums before installing to make sure packages have not been altered since they were uploaded. NOTE: not sure why Bkav Pro changed their mind from when Chocolatey tested v2.3.1 https://www.virustotal.com/gui/file/...b32-1725813282 To be thorough... the Sigil-2.3.1-Windows-x64-Setup.exe binary on Github (where the sigil-ebook.com website's download buttons point to) is the same binary that I uploaded on Sep 6. I always save a local sha256 checksum just in case both the binary asset AND the uploaded checksum file should ever become compromised. Last edited by DiapDealer; Yesterday at 07:21 PM. |
Yesterday, 07:28 PM | #3 |
Grand Sorcerer
Posts: 27,881
Karma: 198099188
Join Date: Jan 2010
Device: Nexus 7, Kindle Fire HD
|
It appears that Bkav Pro does not have a very good track record at all with its heuristic W32.AIDetectMalware detections.
|
Yesterday, 07:37 PM | #4 |
Junior Member
Posts: 2
Karma: 10
Join Date: Sep 2024
Device: none
|
I see, thank you very much for clearing up the doubt!
|
Yesterday, 07:41 PM | #5 |
Grand Sorcerer
Posts: 27,881
Karma: 198099188
Join Date: Jan 2010
Device: Nexus 7, Kindle Fire HD
|
Also keep in mind that one positive out of 68 checks is almost always indicative of a false positive.
|
Yesterday, 07:54 PM | #6 |
Grand Sorcerer
Posts: 27,881
Karma: 198099188
Join Date: Jan 2010
Device: Nexus 7, Kindle Fire HD
|
Welcome to the forum, by the way. You found the exact right spot to ask your question!
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Importing book triggers duplicate false-positive? | Cactus Chef | Calibre | 2 | 09-26-2022 05:24 AM |
Cover:false false positives | Ted Friesen | Library Management | 2 | 10-01-2021 07:43 PM |
rating:false works but ISBN:false does not? | rahlquist | Calibre | 2 | 06-01-2012 03:48 PM |
FALSE POSITIVE? | kamanza | Calibre | 2 | 07-20-2011 11:39 AM |