Hi,
I work at Geospan Corp, and I'm developing an OSS 'processing pipeline' for converting and inserting geographic coordinates into SVG files.
A major component in this evolving process and pipeline development project is "inkscape". It plays a pivotal role and will be deployed to about a dozen stations once passing QA. At this company, the IT folks have installed a set of security software products from Fortinet for our anti-virus, VPN, firewall.
Each client is setup to do a system wide scan every day or week (mine is set to a daily scan). As you might have guessed, yesterday after performing the 'threat scan' of my computer, my Fortinet client reported malware in the 'inkscape.exe'. Given the AV software was set-up to react to this 'potential serious threat' it promptly locked down the application and made it such it could not be run. I hasten to note that 'the malware signature' appears to have been 'a new addition' to Fortinet's Threats database (see attached screenshot). For the record, inkscape was operational and performing as expected prior to the 'discovery, lockdown and quarantine'.
I uninstalled inkscape and removed all of the files. I then pointed my browser back to inkscape.org and downloaded a 'new' install executable.
The installation was halted when it came to transferring/loading 'inkscape.exe' which it reported as being 'infected'. The reported malware is identified as W64/Agent.5892!tr.
For the record, I've submitted a report to Fortinet to see what they have to say.
OK, my question is - is this the place to report this issue?, or should this go to the developers forum?
My next questions are - are we stuck finding out if this is a false positive or the 'real deal' from Fortinet's AV engine? is flagged' by any other AV engines?
Any advice or direction would be most welcome.
I am a humble inkscape newbie and just want to get back to work (with inkscape) and help out the community from getting unnecessary headaches and downtime, if possible.
Thanks, JLB
