false positive on virus scan ???

Yes, this is a false positive, and has already been reported to ClamAV.

OK, great. many thanks for your very prompt reply…

is optipng.exe required?

or not?

My hosting company has put my website offline because of this false positive. I removed the .exe files and in Advanced settings clicked not to use:
jpegtran, optipng, gifsicle. Just because I don’t want another offline message (site is online now). Don’t know if this was at all necessary however removing the exe files was on request of the provider.

@deprito, If your server runs Windows and you want to optimize PNG images, then you need optipng.exe.

@sjoerd_w, If you disabled jpegtran, optipng, and gifsicle, your images will not be optimized at all, so you’ve gone a bit over the top.

I’ve personally tested optipng.exe for malware, and it is not infected, it is most definitely a false-positive, and I wish ClamAV would hurry up and fix their definitions, or people would read before posting again and again and again…

Thanks for the information and I hope so too (ClamAV to hurry up).

I’m about to report this as a false positive here, I suggest others do as well to help expedite the definitions update and cut the plugin dev some slack.

Clam AV False Positive Reports

I just did a fresh scan with ClamAV, and it looks like they’ve cleared the false positive:

$ clamscan optipng.exe
optipng.exe: OK

----------- SCAN SUMMARY -----------
Known viruses: 4230664
Engine version: 0.98.7
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.09 MB
Data read: 0.09 MB (ratio 1.00:1)
Time: 7.338 sec (0 m 7 s)

Thanks for hanging in there everybody! Webhosts should have updated definitions soon, so we can get back to real business.

I noticed today that Microsoft Security Essentials marked optipng.exe as a severe threat while I was working on my Win7 machine.

PWS: Win32/Lineage.gen!C.dam
https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=PWS%3aWin32%2fLineage.gen!C.dam&threatid=2147583492

I’m not sure how to flag as false positive with MSE.

Bozz, you should generally start a new thread, since this is a new issue. They have a ‘submit a file’ link on that page you linked to, and then “send us malware”. They give you an option on step 3 to choose that it should NOT be flagged. If you want reliable free AV, I recommend BitDefender free, it’s a far cry better than MSE.

OK cool, I sent them the file and reported as not malware. MSE / Windows Defender are used on a lot of machines, I understand this is a false positive, just looking out for other folks who might come across this. Cheers!