Subscribe to this thread
Home - Cutting Edge / All posts - Download issue: Virus warning
JoeyD30 post(s)
#05-Jul-22 19:51

Dear Manifold team,

I tried to download a new Edge version of Manifold 9 on the weekend and just now (Firefox). When I click on "Release 9 Edge" (https://manifoldgis.com/updates/working/manifold-9.0.177-x64.zip) on the download 9 page I get 2 errors:

1. an SSL-error from Firefox

2. the virus software blocks the access to the address due to infected code

I could try a different browser, but I cannot work around the virus alarm. So either you do have a virus in the software or it is a false alarm. Would it be possible to do something different on your side so this virus alarm does not go off any more?

Thanks for considering!

Dimitri

7,115 post(s)
#06-Jul-22 09:01

This is the user forum, not a communications channel to Manifold. You might want to read up on using the forum.

To contact Manifold tech support, see the contact page.

Be that as it may, the downloads page answers your virus question...

  • False alarms from anti-virus programs are common. The SHA checksums published below guarantee safe downloads. See the information below on how to use SHA checksums.
  • Windows Defender may wrongly complain that the current Edge zipfile contains malware. That is not true and is a false alarm from Defender. Download the file, unzip and run Windows Defender on the resulting files and Defender will report the files are OK.

See also the Install and Activate topic.

For SSL, sounds like maybe your Firefox installation needs updating. I don't see any issues with either Google or Bing browsers.

adamw


10,239 post(s)
#06-Jul-22 11:46

I don't know what the SSL error is about (try a different browser, yes), but the antivirus acting up can easily be a false positive. False positives like that are common. Here are example threads on that:

IDP Generic virus when installing Viewer (I am linking my reply, read the whole thread if you want)

Bitdefender detects Trojan in Radian installation file. False positive??? (I am linking my reply again, read the whole thread if you want, in this thread we even did a test by compiling the default example application generated by Visual Studio and submitting it to virustotal - the compiled example was flagged as 'malicious' by multiple tools, which kind of shows the deficiencies of the detection techniques)

There were multiple other threads like that.

The solution is to verify the SHA256 hash of the downloaded file to be sure that you are installing the exact same file we published.

rk
566 post(s)
#06-Jul-22 12:19

You coud use scoop to install and keep up to date with latest portable manifold edge build.

https://scoop.sh/#/apps?q=manifold&s=0&d=1&o=true

automatic SHA256 verification included.

JoeyD30 post(s)
#06-Jul-22 15:13

Thanks for your comments! The download is completely blocked with a red warning banner before even one byte lands on the harddisc. I don't know about your environment, but in mine trying to circumvent the internet security means risking the job. I.e. I cannot use Manifold Edge at the moment. Explaining to IT that the virus scanner must be wrong will not go anywhere. I guess I'll have to wait till either the download file or the virus database of the security provider changes. By the way, it is not Defender, it is the GData suite which is indicating infected code.

Hasta luego!

adamw


10,239 post(s)
#06-Jul-22 15:29

Let the IT department download the ZIP file, verify its SHA256 hash, unpack it, and scan the result for viruses using Windows Defender (or GData, etc). This frequently helps in that the scan just turns out empty.

As said, this is not something new. We have reports like this with every single build. The reports are false positives. The false positives appear because there are so many competing antivirus tools and because all of them use heuristics which are not 100% (frequently not even 97%) accurate by design. When you combine these two factors, you are bound to have some tools that will flag completely benign code as 'malware' for every new build. Microsoft / Oracle / Google apps don't get flagged because when some antivirus tool flags them, the creators of that tool understand that this is clearly an error and suppress that particular false positive manually.

rk
566 post(s)
#13-Jul-22 20:30

And suddenly, my statement is wrong now.

Scoop Extras now tracks latest *base* build. Maybe it is better that way, because edge builds expire.

Reason? https://github.com/ScoopInstaller/Extras/pull/8810

Manifold User Community Use Agreement Copyright (C) 2007-2021 Manifold Software Limited. All rights reserved.