Virus in DLL??

Need help with FileZilla Client? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
aleyandre
500 Command not understood
Posts: 1
Joined: 2006-05-22 09:46

Virus in DLL??

#1 Post by aleyandre » 2006-05-22 09:52

Hello,

I just downloaded the 2.23 files to update my dear Filezilla client and my antivirus (CA Etrust) pops up with this message :

NSISdl.dll is Win32/SillyDl.ANS trojan

This happens when the installer is downloading packages.

I downloaded the files from the OVH (France) server. Is my antivirus getting paranoid?

Thanks

Alex
Top
TheAngryPenguin
226 Transfer OK
Posts: 323
Joined: 2004-03-08 18:40

#2 Post by TheAngryPenguin » 2006-05-22 13:01

> This happens when the installer is downloading packages.

I've been using the .zip version for the past numerous years, so if I'm wrong, I apologize in advance. It seems to me that what you've downloaded is not an official FileZilla release. AFAICT, FileZilla's installer is a complete NSIS-based setup package that doesn't require itself to download additional modules from an external source. FWIW:

Code: Select all

D:\TEMP>inocmd32 -sig
InoculateIT Signature version:  virsig.da0  23.72.14    2006/05/21
Vet         Signature version:  vet.da1     12.04.2221  2006/05/22

D:\TEMP>inocmd32 -eng ino -act cure -ver FileZilla_2_2_23a_setup.exe
Start scanning file/directory FileZilla_2_2_23a_setup.exe

Total Files Scanned:             1
Total Viruses Found:             0
Total Infected Files Found:      0
Total Cured Files:               0
Scan Mode:                       Secure

*** End Of Summary ***

D:\TEMP>inocmd32 -eng vet -act cure -ver FileZilla_2_2_23a_setup.exe
Start scanning file/directory FileZilla_2_2_23a_setup.exe

Total Files Scanned:             1
Total Viruses Found:             0
Total Infected Files Found:      0
Total Cured Files:               0
Scan Mode:                       Secure

*** End Of Summary ***

D:\TEMP>md5 FileZilla_2_2_23a_setup.exe
89168094CA7E7B75318211F652FBCB67  FileZilla_2_2_23a_setup.exe
I would be willing to bet that the MD5 hash of what you downloaded does not match the above.
Top
User avatar
boco
Contributor
Posts: 26940
Joined: 2006-05-01 03:28
Location: Germany

#3 Post by boco » 2006-05-22 16:03

If I remember correctly, if one ticks the 'Sourcecode' box, Filezilla has to download it.

boco
Top
TheAngryPenguin
226 Transfer OK
Posts: 323
Joined: 2004-03-08 18:40

#4 Post by TheAngryPenguin » 2006-05-22 17:41

boco wrote:If I remember correctly, if one ticks the 'Sourcecode' box, Filezilla has to download it.

boco
Ah! Never tried that! This is good to know, and it might explain a false positive.
Top
Post Reply

Return to “FileZilla Client Support”