Virus Report on FossHub for JabRef-5.9.msi

I am currently using only Jabref 5.8 and I do not dare upgrade to 5.9 as there is a Virus Alert for the Windows installer release on FossHub. Only 1/15, but still…

Could someone please check why Jotti’s Malware Scan using ClamAV reports

Win.Malware.Sivis-6744066-0

when scanning JabRef-5.9.msi

Disclaimer: This is my first post on here, please tell me if it fits better somewhere else. I didn’t post this on github as I couldn’t find a fitting category.

Hi,

this is very likely a false alarm. I checked the file again from fosshub.
You can also download it from github Release JabRef Version 5.9 · JabRef/jabref · GitHub and check again. The file hashes shoudl also match.

I checked with VirusTotal again and it looks fine;

Apparently ClamAV does not really describe why Win.Malware.Sivis-6744066-0 is classified as malware. I found this signature listed in their archives, but there is no description whatsoever. It may or may not be a false positive. They also use RegEx to detect malicious signatures.

Found these docs about how to interpret scan alerts on their website though: Interpreting Scan Alerts - ClamAV Documentation.

googling it, I got to a Microsoft Defender Info page

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Virus%3AWin32%2FSivis.A

which dates back to 2011. Not sure if that’s the very one.