CSE HTML Validator

[davidl53]

When downloading HTMLV 8 Pro Beta 3 from htmlvalidator.com, f-secure alerts me that the download contains the above listed trojan. I aborted the doenload. I tested my machine and it tested clean

I did a full scan of my test machine and it tested clean. I set f-secure on my test machine to allow the install-file to download. Upon executing the install program I again was alerted to the trojan problem.

I scanned the directory where downloaded the install and it was labeled contaminated. I deleted the install program and rescanned and my drive was reported clean.

Is this a contaminated download? Is f-secure being fooled by something in the download?

Thanks

[Albert Wiersch]

I've received a few, but not many, reports of infection. I believe these are all false positives. Any download from htmlvalidator.com should be clean.

I've scanned the files with Norton and they all tested clean.

I ran the install program through here:
http://virusscan.jotti.org/

And that site found no problems.

Please make sure your virus checker/scanner is up-to-date.

[NetHawk]

I'm am using the brand new version of AVK 2007 (gdata.de) which is a combination of two virus scanner (Kaspersky and f-secure?). However it also claims that cse80.exe is infected with Trojan.Win32.Delf.sw. I'm confident, that the file is clean and this is a false alarm (I used McAfee and Norton until yesterday, they both didn't complain).

I'm trying to submit the file to Gdata for examination / confirmation and hope they will update their signatures.

[Albert Wiersch]

I'm am using the brand new version of AVK 2007 (gdata.de) which is a combination of two virus scanner (Kaspersky and f-secure?). However it also claims that cse80.exe is infected with Trojan.Win32.Delf.sw. I'm confident, that the file is clean and this is a false alarm (I used McAfee and Norton until yesterday, they both didn't complain).

I'm trying to submit the file to Gdata for examination / confirmation and hope they will update their signatures.

Hi NetHawk,

Thanks for the info. From the reports I've received, I believe I can narrow this down to a problem with Kaspersky. I do hope they get this fixed soon!

[Albert Wiersch]

UPDATE: I have emailed Kaspersky and F-Secure about this false positive as it is affecting a small number of CSE HTML Validator v8.0 users.

Anyone using Kaspersky or F-Secure may get this false positive.

[Albert Wiersch]

I did some tests with F-Secure Anti-Virus this morning and didn't have any problems. Can someone confirm that this issue has been resolved by making sure you have the latest definitions and trying to install or run CSE HTML Validator v8.0?

[NetHawk]

I can confirm, that with the signatures of today my GDATA antivirus solution does no longer report cse80.exe as infected.

GDATA consists of a Avast and a Kaspersky engine (not f-secure as I claimed earlier). So Kaspersky standalone should be OK too.

[Albert Wiersch]

I can confirm, that with the signatures of today my GDATA antivirus solution does no longer report cse80.exe as infected.

GDATA consists of a Avast and a Kaspersky engine (not f-secure as I claimed earlier). So Kaspersky standalone should be OK too.

Thanks! Good to hear.

I ran cse80.exe through
http://virusscan.jotti.org/

2006-10-11: The above found that Kaspersky is no longer reporting problems, but now Fortinet and Norman Virus Control are.

2006-10-12: The above found nothing in all scanner results for cse80.exe for pro v8.0011.

Looks like virus programs are getting too aggressive.