The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Stefan Winter <stefan.winter AT restena.lu>]

Hello,

> This comes up when downloading our eduroam installer for Windows 7:
> 
> 
> The downloaded file is then deleted. Strange thing is that same file
> downloaded yesterday (may 26) is reported clean by SecureAnywhere.
> I am the administrator of realm skola.engelholm.se at Ängelholms kommun,
> Sweden.

This is one of the usual "heuristics" matches be occasionally see, not a
concrete virus alert.

You may want to upload the file to virustotal.com and see for yourself
how many AV engines feel suspicious about it. Despite for a few Chinese
AV engines (who constantly misclassify our installers), most to all AV
engines typically do not report any activity.

In that case, you can be assured that there's nothing special going on.
My guess is that "SecureAnywhere" got a recent signature update where
the heuristics is now slightly too pedantic.

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature