Shavlik Patch Installation Executable Flagged by AntiVirus

Version 17

    Purpose

     

    This document explains how to verify that the Shavlik Patch executable is free of malware and signed by Shavlik.

     

    Symptoms

     

    When attempting to download Shavlik Patch for SCCM 2.2, the download is blocked and flagged as "Adware/BroswerFox", or something similar. This usually happens with Fortinet, although a few other AV engines flag it as well.

     

    Resolution

     

    The following link is an analysis of the download URL, showing an overwhelming majority of engines reporting the download as clean.

     

    Scan report for http://rs.shavlik.com/downloads/sccmpatchsetup_2_2_568.exe at 2016-06-30 03:47:34 UTC - VirusTotal

     

    To ensure the file hasn't been tampered with, download it to a safe location, and then check the MD5 checksum. This can be done with sites such as Online MD5 Hash Generator & SHA1 Hash Generator, or your favorite local checksum generator.

     

    The results should match those of the image below.

    Screenshot_1.png

    You can also check the digital signature of the file: navigate to the file, then right-click > Properties > Digital Signatures. The Signer is Shavlik and the Digest Algorithm is sha256.

    Screenshot_4 (1).png
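
The checksum and signature checks above can also be run from a PowerShell prompt. This is an added example, not part of the original article or Shavlik's tooling: the local path and the MD5 placeholder are assumptions, and the SHA-256 is the one embedded in the VirusTotal file link under Additional Information, assumed to refer to this installer.

```powershell
# Added example: verify the downloaded installer before running it.
param(
    # Assumed download location; adjust to where the file was saved.
    [string]$Path = ".\sccmpatchsetup_2_2_568.exe",
    # SHA-256 from the VirusTotal file-analysis URL on this page
    # (assumption: that report is for this same installer).
    [string]$ExpectedSha256 = "10f971d2013b262f2b9a2bb2d8b777b5d00ea628b4e30c8382dd984d03b7bad0",
    # Placeholder: paste the MD5 value published by the vendor.
    [string]$ExpectedMd5 = "<MD5-FROM-VENDOR>"
)

$ErrorActionPreference = 'Stop'
$failures = @()

# 1. Checksums. MD5 is what the article uses; SHA-256 is the stronger check.
$sha256 = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
if ($sha256 -ne $ExpectedSha256) { $failures += "SHA-256 mismatch: $sha256" }

if ($ExpectedMd5 -match '^[0-9a-fA-F]{32}$') {
    $md5 = (Get-FileHash -LiteralPath $Path -Algorithm MD5).Hash
    if ($md5 -ne $ExpectedMd5) { $failures += "MD5 mismatch: $md5" }
} else {
    Write-Warning "No expected MD5 supplied; skipping the MD5 comparison."
}

# 2. Authenticode signature: must validate AND name the expected signer.
$sig = Get-AuthenticodeSignature -LiteralPath $Path
if ($sig.Status -ne 'Valid') {
    $failures += "Signature status is $($sig.Status): $($sig.StatusMessage)"
} elseif ($sig.SignerCertificate.Subject -notmatch '(^|,\s*)(CN|O)=[^,]*Shavlik') {
    # Assumption: the signer's certificate subject contains "Shavlik",
    # matching the Signer shown in the Digital Signatures tab.
    $failures += "Unexpected signer: $($sig.SignerCertificate.Subject)"
}

# 3. Report, and fail closed so the script can gate a deployment step.
if ($failures.Count -gt 0) {
    $failures | ForEach-Object { Write-Error $_ -ErrorAction Continue }
    exit 1
}
Write-Output "OK: hash and signature checks passed for $Path"
Write-Output "Signer: $($sig.SignerCertificate.Subject)"
```

A `Valid` status on its own only shows that the file is signed by some trusted publisher, which is why the script also checks the signer name.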

     

    Additional Information

     

    Uploaded File Analysis - VirusTotal: https://www.virustotal.com/en/file/10f971d2013b262f2b9a2bb2d8b777b5d00ea628b4e30c8382dd984d03b7bad0/analysis/

    Uploaded File Analysis - MetaDefender: https://www.metadefender.com/#!/results/file/9eaa0cf417c4422daab9dee9b96d9ca0/regular/

     

    Affected Product(s)

     

    Shavlik Patch 2.2