[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LilyPond 2.19.52 identified as malware
From: |
David Kastrup |
Subject: |
Re: LilyPond 2.19.52 identified as malware |
Date: |
Thu, 15 Dec 2016 22:34:48 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1.50 (gnu/linux) |
Peter Toye <address@hidden> writes:
> Trying to download and install LP 2.19.52. It seemed to install OK, in
> the sense that a load of files went into the directory.
>
> But when I tried to install it into Frescobaldi my anti-malware
> program (Kaspersky) came up with a load or error messages and deleted
> many of the files in the directory. A selection of the error messages
> is below.
>
> Has the repository been hacked?
> 14.12.2016 22.04.45 File deleted when rolling back actions of
> malicious program c:\program files
> (x86)\lilypond2.19\usr\bin\_codecs_iso2022.dll Object: c:\program
> files (x86)\lilypond2.19\usr\bin\_codecs_iso2022.dll Application name:
> D:\PC Software\LilyPond\lilypond-2.19.52-1.mingw.exe Application path:
> d:\pc software\lilypond\lilypond-2.19.52-1.mingw.exe Time: 14/12/2016
> 22:04
> 14.12.2016 22.04.45 File deleted when rolling back actions of
> malicious program c:\program files
> (x86)\lilypond2.19\usr\bin\_codecs_cn.dll Object: c:\program files
> (x86)\lilypond2.19\usr\bin\_codecs_cn.dll Application name: D:\PC
[...]
At least those are not as far as I can imagine part of LilyPond.
Wherever you got that installer, I would think it either got hacked
itself, or some preexisting malware on your system took the opportunity
of the installation to mess with it or with the download.
--
David Kastrup