[SOLVED] Lazarus.exe detected as malware/virus

[incendio]

Hi guys,

I have installed 32bit Lazarus ver 2.2.2 on WIndows 10, it is detected as a malware/virus by norton power eraser, see attachment.

Why? Is this a false alarm?

[bobby100]

Which kind of malware is reported?
If it says something about Heuristics, or Generic, you can suspect your Norton.

Anyway, you can upload it to Virus Total and see for yourself what the other antivirus apps has to say about the lazarus.exe file.

[Handoko]

Yes, use Virus Total. If the scan result shows virus detected using many antiviruses, that file probably contains or infected by virus. But if only detected by 1 or 2 antiviruses, that maybe is false positive.

[dseligo]

You can also verify checksum to see if your file is the same as the official release.

Here is the link: https://www.lazarus-ide.org/index.php?page=checksums#2_2_2

[ASBzone]

Hi guys,

I have installed 32bit Lazarus ver 2.2.2 on WIndows 10, it is detected as a malware/virus by norton power eraser, see attachment.

Why? Is this a false alarm?

Norton strikes again.  It's been a few decades since Norton was a decent antimalware product.


If you are downloading Lazarus from reputable location (this website, Source Forge or approved mirrors), and confirming the hash/checksum of the downloads with the following location, you should be assured that it is legitimate:  https://www.lazarus-ide.org/index.php?page=checksums


I also second the recommendation to check VirusTotal.


Last recommendation:  Version 2.2.6 is the current stable/production release of Lazarus.

[incendio]

I have checked MD5, it was matched, but from VirusTotal, 1 vendor also detected as  malicious, see attachment.

[ASBzone]

I have checked MD5, it was matched, but from VirusTotal, 1 vendor also detected as  malicious, see attachment.

Having 1 vendor recognize it is malware, out of 50+, is very much in the land of false positives, especially if it false under the category of heuristics.

Given that it matched the MD5 has, and you don't have 5 or more antimalware vendors registering it as malware, you can comfortably conclude that it is not malware.

[incendio]

I have checked MD5, it was matched, but from VirusTotal, 1 vendor also detected as  malicious, see attachment.

Having 1 vendor recognize it is malware, out of 50+, is very much in the land of false positives, especially if it false under the category of heuristics.

Given that it matched the MD5 has, and you don't have 5 or more antimalware vendors registering it as malware, you can comfortably conclude that it is not malware.

OK, thanks for the confirmation and thanks to everyone who have given advised, case closed.