[False positive] Malware in the installer

Título: Posible Malware Detected in the Synfig Studio Installer

Descripción:
Hi Synfig team

I wanted to inform that when i wanted to download the last version of Synfig Studio from the official page, my antivirus software detected a troyan malware, i checked it with a webpage named virus total and said it too

  • Operative System: Windows
  • How did I installed it:
    1 I entrered the official page https://www.synfig.org/
    2. I clicked the download stable version button
    3. I downloaded the installer from the anonimus link, i downloaded the Windows 64 bit Installer, and when i tried from the other way, by giving my email, it didnt work, i got the synfig studio but it didnt download nothing

Please fix it, and excuse me by my english, i speak another language, and i dont speak english very well
I would like if you could speak it with the opentoolz team, because i did see it t

Thanks

Hi and welcome here

Well, I don’t know why people use antivirus software these days. It was understandable back then. You get the best protection with windows defender now. Plus a pro thing, you don’t have to shell a penny outta yo pocket except the windows key, you can even activate windows with free alternative methods if you understand me :wink: I don’t really recommend to use alternative methods :slightly_smiling_face:

And it understands what really has malware :wink:

Sometimes, Windows Defender is not enough, sufficient for most “base” users.
Depending the usage done, in enterprise, using warez, or anything where a new breed of malware is appearing, then an AV is required.
For Windows users mostly, of course, Mac and Linux have other means of protection (while not 100% perfect).

Yeah I understand about that use case. I am just telling that for someone who is a home user, and who doesn’t really play with a lot of dark web stuff, but is still geeky. Windows defender is all they need, paying for avast, quickheal, McAfee at that point is basically useless.
Anything above that, then they obviously should use a good antivirus.

A “Home User” can be a grand-mother or a child.
Most of the victims of malware are “digitally uneducated” vulnerable people, and even “experts” can sometimes fall into traps like 0-day.
Clicking on a link in an email, installing a toolbar/codec which promises to have the possibility to watch the last blockbuster or to obtain discount on online orders or some coupons.
Downloading a software from the first link found on Google, which is not necessarily the original version …
Even AV free versions can save most of unexpected threats.
99% of the time, the malware has been installed with the consent of the user.

Also you don’t need to go on the dark web to be fooled.
Maybe you are a bit you to have seen exploits via “harmless” images in web browser, but they existed (EMF/WMF, SVG, PNG …).

To summarize, you don’t need an antivirus under Windows if you are not connected to the internet and don’t plug any device on your computer …
And still there are ways to get infected :stuck_out_tongue:

https://oit.utk.edu/security/learning-library/article-archive/protecting-against-malware-concealed-in-png-images/

2 Likes

Well… What proclamation might I utter henceforth? Thou hast verily smote me with thy veritable deluge of “KnOwLeDGe :sparkles::sparkles:”.

Mayhaps I can only proffer mine apologies and tender my salutations, for I do accept mine ignominious defeat :skull:

When you will be my age, you will have seen so many “horrors” that you will never trust blindly marketing affirmations like “totally safe”.
Even for simple Windows updates, there are series of tests before to deploy them in production

Trust no One, Mr Mulder

1 Like