I'm new to this software, and work in the IT department of a University. I'm trying to prep one of our computer labs for a project this week but am having an issue when downloading the most recent version of Arduino (Nightly_Build). Our corporate firewall is returning a report about the software that classifies it as malware.
Has anyone ever had this happen to them?
The report came back with the following information:
WildFire Analysis Report
File Name: arduino.l4j.ini
Uploaded by: PAN01 (S/N 0008C101225) at 2015-03-20 08:29:02 EDT
File URL: downloads.arduino.cc/arduino-nightly-windows.zip
Source IP/Port: 184.108.40.206:80
Destination IP/Port: 10.34.6.99:62395
Verdict: This sample was determined to be malware.
Summary of behaviors observed during analysis:
- Created or modified a file
- Started a process
- Modified the Windows Registry
- Modified Internet Explorer security settings
- Used the HTTP POST method
- Sent an HTTP response before receiving a request
- Created a file in the Windows folder
- Listened on a specific port
- Used SSL
- Started a process from a user folder
- Modified proxy settings for Internet Explorer
- Modified connections settings for Internet Explorer
- Attempted to sleep for a long period
As I don't have a very good understanding of how this program works, any feedback into why our system would flag it this way would be very helpful.