Anti-virus reports Trojan virus in PlateSpinRecon-v3.7.0.3912 zip file

  • 7006662
  • 18-Aug-2010
  • 26-Apr-2012

Environment

PlateSpin Recon 3.7.0.3912

Situation

Anti-virus applications may report files extracted by Platespin Recon installer to be infected with Trojan.
 
When Platespin Recon installation executable is run on a machine with an antivirus application running, it will report that one to the files is infected. The installation file is a self-extracting executable.
 
This issue is seen mostly with Norton and Synmantec anti-virus. The file being detected as infected is Autorun.exe. This file is a DOS executable which executes a shell command to launch the installation process. There seems to be an issue with the digital signature on the file which causes the anti-virus to detect it as infected. Novell has confirmed that the file is not infected and that this warning is a false positive result.

Resolution

To workaround this issue create a new folder on the server where Recon is being installed and add this folder to the system's anti-virus exclusion rules. Once complete, proceed with the steps below.

1. Download Platespin Recon installer compressed (.zip) file to a folder which is excluded from AV scanning.

2. Extract the contents of the .zip file into the folder being excluded from AV scanning.

3. Run the executable.

This will prevent the files extracted by running the executable from being scanned by AV.

Additional Information

This will be resolved in the next release of Platespin Recon.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.