/ Home \ \ Subjects /

Subject: Win32/Wacapew.C!ml

01/01/2021 00:40 Someone:
Tried to install Small HTTP Server, to be more precise version 3.04. Got the alert about potentially unwanted software and Win32/Wacapew.C!ml, where the affected file was shttp3.exe. Is it infected possibly?
01/01/2021 15:27 Max:

On the site present MD5 sum for each file. If the MD5 sum is the same, then infection is impossible.
And there can not be anything 'unwanted'.

I already public info about this:
"Some antivirus programs persistently identify the Windows version of the Small HTTP server as a virus. I do not know exactly why this is happening, but I can suggest several reasons. One possible reason is that it have original executable file format. I create Windows version executables using my own MKPE for DJGPP package, which I wrote many years ago. Indeed, the format of my PE .exe file is somewhat different from the usual one, however, it is understood by all versions of Windows and has several advantages, but it is probably what anti-viruses don't like. The second possible reason is that executable files are packed, and even (oh, horror!) by my own non-standard archivater, which unpacks them on the fly before run. Probably, is too difficult for anti-viruses to unpacking them. Well, the third reason, it is possible that this is a server, including a mail server, and the installer has functions to add the program to startup or install it as a service, and such functionality looks extremely suspicious ... "

3.04 is very old version. The current version is 3.06.19. It is opensource. I hope it is better then 3.04 and there present the file compiled with help MINGW GCC compiler, that must be install without problem.

User: Password: New user:   Save password: