Author Topic: Apache Tika marked as a malware  (Read 265 times)

0 Members and 1 Guest are viewing this topic.

Offline sogawa-sps

  • Newbie
  • *
  • Posts: 2
Apache Tika marked as a malware
« on: July 10, 2024, 03:40:05 PM »
I ran Avast Scan during startup for the first time and to my surprise it marked files related to the well-known Java solution Apache Tika as malware.

Code: [Select]
<?xml version="1.0" encoding="UTF-8"?>
<aswObject>
<NewId>00000003</NewId>
<Size>3192041</Size>
<ChestEntry>
<ChestId>00000001</ChestId>
<FileTime>1720617345</FileTime>
<OrigFileName>tika-parser-pkg-module-2.9.1-tests.jar</OrigFileName>
<OrigFolder>C:\Users\user\.ivy2\cache\org.apache.tika\tika-parser-pkg-module\test-jars</OrigFolder>
<Comment></Comment>
<Virus>Other:Malware-gen [Trj]</Virus>
<Category>Vir</Category>
<Restore>yes</Restore>
<TransferTime>1720617345</TransferTime>
<FileSize>1595539</FileSize>
<Viruses>Other:Malware-gen [Trj]|OB2-7FFF03FE5F0C72AC57F598A93257AF00|troj;Ae0d858aa9b1a</Viruses>
</ChestEntry>
<ChestEntry>
<ChestId>00000002</ChestId>
<FileTime>1720617347</FileTime>
<OrigFileName>tika-parser-pkg-module-2.9.2-tests.jar</OrigFileName>
<OrigFolder>C:\Users\user\.ivy2\cache\org.apache.tika\tika-parser-pkg-module\test-jars</OrigFolder>
<Comment></Comment>
<Virus>Other:Malware-gen [Trj]</Virus>
<Category>Vir</Category>
<Restore>yes</Restore>
<TransferTime>1720617347</TransferTime>
<FileSize>1596502</FileSize>
<Viruses>Other:Malware-gen [Trj]|OB2-7FFF03FE5F0C72AC57F598A93257AF00|troj;A1080974770e6</Viruses>
</ChestEntry>
</aswObject>

It's even quarantined a, well, jpg file.



Is there a way to get more details on why this occurred and what that "Malware-gen [Trj]|OB2-7FFF03FE5F0C72AC57F598A93257AF00|troj;A10>" is?
« Last Edit: July 10, 2024, 03:42:26 PM by sogawa-sps »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37644
  • F-Secure user
Re: Apache Tika marked as a malware
« Reply #1 on: July 10, 2024, 07:41:55 PM »
Quote
Malware-gen [Trj]
Generic-Detection

Quote:F-secure Labs

A generic detection has identified a program or file that has features or behaviors similar to known harmful programs, such as trojans, backdoors or exploits.

Security programs use generic detections that look for broad patterns of code or behavior to identify similar programs or files.

If you suspect the file was incorrectly detected, report it to avast lab
https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438


Offline sogawa-sps

  • Newbie
  • *
  • Posts: 2
Re: Apache Tika marked as a malware
« Reply #2 on: July 10, 2024, 07:49:51 PM »
Thank you, will do.

I actually was looking for ways to report it, but there were no obvious means to do so.
« Last Edit: July 10, 2024, 07:54:28 PM by sogawa-sps »