Kaspersky claims zotero standalone 2.1a3 contains adware "Adware.Win32.Gaba.eth"
My Kaspersky antivirus is currently blocking me from downloading Standalone 2.1a3, claiming it's infected with adware:
22/05/2011 23:04:18 Firefox Web Anti-Virus Detected: not-a-virus:AdWare.Win32.Gaba.eth http://www.zotero.org/download/standalone/2.1a3/Zotero_win32.zip/Zotero_win32/extensions/zoteroWinWordIntegration@zotero.org/components/zoteroWinWordIntegration.dll
I also tried again and got from Kaspersky:
The requested URL cannot be provided
The requested object at the URL:
http://www.zotero.org/download/standalone/2.1a3/zotero_win32.zip
contains legal software that can be used by criminals for damaging your computer or personal data
not-a-virus:AdWare.Win32.Gaba.eth
I'd be grateful if this could be checked, Kaspersky informed of a false-positive or whatever. As I think it's probably safe, I'm going to disable Kaspersky during the download and install.
22/05/2011 23:04:18 Firefox Web Anti-Virus Detected: not-a-virus:AdWare.Win32.Gaba.eth http://www.zotero.org/download/standalone/2.1a3/Zotero_win32.zip/Zotero_win32/extensions/zoteroWinWordIntegration@zotero.org/components/zoteroWinWordIntegration.dll
I also tried again and got from Kaspersky:
The requested URL cannot be provided
The requested object at the URL:
http://www.zotero.org/download/standalone/2.1a3/zotero_win32.zip
contains legal software that can be used by criminals for damaging your computer or personal data
not-a-virus:AdWare.Win32.Gaba.eth
I'd be grateful if this could be checked, Kaspersky informed of a false-positive or whatever. As I think it's probably safe, I'm going to disable Kaspersky during the download and install.
This will have to be explored by the core team to see what's up.
The DLL is supposed to be part of the plugin, and it's hard to say if there's anything wrong with it. There is a pile of assembly at the end of it-- maybe something is wrong? I would honestly hold off on installing until this is cleared up 100%.
If you still get it after installing the latest version, let us know.
And just to reiterate, this is a false positive. There's nothing at all wrong with the plugin.
I assumed the malware warning was a false positive - thanks for the reassurance. I have added the dll to the list of exceptions (perhaps shouldn't advertise it) so that my antivirus will stop blocking it. However, I'm sure others will run into this problem, and won't like this solution (or won't know how to configure their AV to allow such exceptions).
Like I mentioned, this showed up today immediately after my AV-update, after which the on-access scanner picked the zotero dll up.
The latest version appears to pass other tools.
Thanks. I re-installed Zotero and that seemed to fix things. There wasn't much of an error message except to say that it (AVG) is moving the zotero.exe into the vault and do I want to restart the computer now :-). If it happens again I will make screen captures of the various messages and post them.