Viruses in QT examples?

pelig

Hi!
When installing QT, my F-Secure Anti Virus complains a few times about virus in the example binaries.
For example, F-Secure says "Virus & Spy protection has detected HackTool.Win32.BruteForce.ff virus in your computer"
The file pointed out is addressbook.exe in [QTPATH]\examples\itemviews\addressbook\release\

QT-version:4.7.0 (I think, don't have access to that computer right now... Install file is qt-sdk-win-opensource-2010.05.exe)
OS: Windows XP Pro

Problem could be linked to http://developer.qt.nokia.com/forums/viewthread/1938/

Rgds
Peter

Guest

same reply as posted in other thread ...
not sure if the downloaded exes were the problem, maybe local to your system. for sure the installer is not infected. can u disable the AV and try to install ...

pelig

I've actually installed and let the AV remove whatever it regards as virus. But this was on my home lab computer. Before installing QT in my work machine, I want to be absolutely sure there are no viruses in the installation package (yes, it happens!)
/Peter

DenisKormalev

There should be no viruses there. It is common problem for all antivirus products to show falsepositives at some suspicious places (caught by heuristics algorithms). But of course if you want to be totally sure you can write to support and ask them about it.

pelig

The support wants my money to allow me to contact them (smart guys! :-)
And I cannot call it a bug I think. So I guess I have to take the risk of installing in my work environment...

Guest

I cannot comment whether you should or should not take risk by installing it in your work environment, that is a call you alone have to take and bear the responsibility :) ...

But I can tell you that thousands and thousands of downloads of the Qt binaries and I'm sure no virus issues there :) ... I personally have Qt on 4 of my mobile devices, my home and work laptops.. and all is fine

Wolf P.

Isn't there a MD5 or SHA* checksum that can be validated?

pelig

I don't think checksum check will help if the virus was there from the beginning. I suppose it'll help only if someone hacked Nokia's QT distribution. And in that case the checksum verification is probably hacked aswell (at least I would do so if I were a hacker... :-)
Nevertheless this all seems rather academic. I guess it's OK to install considering the amount of people who have already done that.
Thanks for all the answers!
/P

DenisKormalev

pelig, if you've downloaded binaries from qt.nokia.com than there is 99.99% guarantee that there are no viruses.

Guest

pelig, how about checking with your AV (if you purchased their support) ... maybe they need to fix the virus database/algorithms... definitely you don't want your AV to delete clean .exe files going fwd

DenisKormalev

chetankjain, I don't think AV support will help here. In most cases they say "such falsepositives are normal" because if they will change something to avoid such situations it will make their heurustic algorithm weeker.