Trojan horse detected in Vassal 3.2.2

[lebigot]

Installing Vassal 3.2.2 (in principle downloaded from SourceForge) on Windows 7 with the 360 Antivirus raises an alert: it detects a Trojan horse (HEUR.Malware QVM01.Gen).

Has anybody experienced a similar problem? A Google search for QVM01.Gen seems to only return Chinese sites, including reports by users where they show that a simple, benign program can raise the same alert.

However, I'm still a little hesitant to allow the installed Vassal to run. Any advice?

[DrNostromo]

I am 100% certain this is a false read. I've been using Vassal for over 5 years and I've never encountered any problems of this kind. I'm certain that the powers-that-be here at Vassal would work extensively hard to insure something like that would never happen.

[lebigot]

Yeah, I would think so too.

I was more concerned about a possible man-in-the-middle attack whereby the downloaded Vassal might differ from the original one (basically through a fake SourceForge download page: I was not able to verify the identity of the SourceForge site from which I downloaded Vassal). Is there any way I can make sure that the downloaded file is correct (checksum, web site with certificate)?

[uckelman]

Thus spake lebigot:
> Yeah, I would think so too.
>
> I was more concerned about a possible man-in-the-middle attack whereby
> the downloaded Vassal might differ from the original one (basically
> through a fake SourceForge download page: I was not able to verify the
> identity of the SourceForge site from which I downloaded Vassal). Is
> there any way I can make sure that the downloaded file is correct
> (checksum, web site with certificate)?

Sourceforge displays the SHA1 and MD5 checksums of our files (click the
little circled 'i' icon to see them for any given file).

These are the SHA1s for the 3.2.2 files I uploaded to SF:

[uckelman@scylla releases]$ sha1sum VASSAL-3.2.2-*
a64a85b9e6ae185cd6345390d507f9065e05ddcd VASSAL-3.2.2-linux.tar.bz2
e01181793b7152d9b57d7657723ec18d2633dab4 VASSAL-3.2.2-macosx.dmg
e4ee51ada5b764df9079bc06b1d8825c5306c705 VASSAL-3.2.2-other.zip
718b2e0f3eed7013ffccfa7ccde548efe277c000 VASSAL-3.2.2-src.zip
c2683f5801cc60c653b3b7b939f98edcb30b21b0 VASSAL-3.2.2-windows.exe

They agree with the SHA1s SF displays.

The files you get when you download from SF ought to have SHA1s matching
these. If not, PLEASE lest us know immediately.

In reply to the original post: I'm quite sure your antivirus program is
being overzealous, so long as the file you downloaded has the same SHA1
as the file I uploaded.

--
J.