Infected Xojo2017r21Setup.exe

I just downloaded Xojo2017r21Setup.exe and when I tried to run it my anti-virus flagged it as being infected.
Is there an alternative download?
Is there a MD5 checksum?


Read this:

I tried to give more information via the link, “Contact me”, on the above web page but it just pointed me to a list of other links so I’ll give info here:

Antivirus: Panda Global Protection
Version: 17.0.1

You’re welcome, even here light Windows user, perhaps this helps you (From CentOS Linux):

$ clamscan Xojo2017r21Setup.exe 
Xojo2017r21Setup.exe: OK

----------- SCAN SUMMARY -----------
Known viruses: 6303617
Engine version: 0.99.2
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.00 MB
Data read: 619.21 MB (ratio 0.00:1)
Time: 7.024 sec (0 m 7 s)

$ md5sum Xojo2017r21Setup.exe 
4ef05815aa5aaab8061ac3f7c5426a4a  Xojo2017r21Setup.exe

$ sha256sum Xojo2017r21Setup.exe 
189837fe23caa4a5f0e492c340c9e2e2abc13c500414bec36fa50151edf39f7e  Xojo2017r21Setup.exe

It happens from time to time that “this” or “that” antivirus engine track the Xojo executable or some or their associated plugins as infected. I’m not saying you should not get cautious about this… but if you downloaded the package from Xojo’s servers, then most probably is a false positive from the antivirus engine, like in previous ocassions.

I suggest to contact the antivirus developer to point this out. Sadly, Panda is well known for things like this one.


I don’t understand how they can be this stupid those that make the Antivirus programs since this can easily be eliminated at almost no performance cost.

Just do.
If its a match then we do secondary scan with much larger hash => No more false positives ever since even if the larger hash would ever have collisions then it would also have to collide with the smaller has at same time.

Given 99.99% of files will not be hit in the first pass then the secondary scan will basically cost nothing in performance.

yeah, but you don’t get to scare the average user in to spending money on your program :wink:

OK. The MD5 checksum matches that displayed by Centos so I took a chance and disabled my av checking and attempted to run Xojo2017r21Setup.exe.

I received the following error message:

Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item

The file is in a newly created directory with read/write access and I have administrator rights.

What have I done wrong?

Maybe your antivirus changed something on the file so even if you disabled it you can’t run it?

Try to:

  • disable AV
  • delete the .exe file
  • download the .exe again
  • run

Panda is a malware :confused:

If you want to learn about the IT Security business you could go to the VB Conference.