VMware OS Optimization Tool - Has "ZBOT TROJAN" via download!
According to my Dell 4500 NSA series firewall, and its subscription services, this link https://labs.vmware.com/flings/vmware-os-optimization-tool has the ZBOT TROJAN when clicking on the RED hyperlink to download the file.
WARNING DO NOT DOWNLOAD OR CLICK ON THE RED HYPERLINK UNTIL SOMEBODY AT VMWARE CAN EXPLAIN.
Until then, I am going to trust my Dell 4500 NSA series firewall and its subscription services and not ever download this file as it could infect my master images and push Trojans out to all of my linked clones.
This was stopped by my firewall scanning for viruses 'on the wire' when attempting the download and not via my antivirus software on my client.
Could you have this verified somewhere? I have been running this tool in many places without any indication of malware.
// Linjo
I opened a ticket with Dell/Sonicwall that is reporting the detection.
I personally can't download the tool because of the detection but it looks like you are not having any problems.
If you don't use a Dell/Sonicwall then everything should be good.
It's funny that the SonicWall is detecting a Trojan from the labs website on a tool that you would run on all of your master images, but when I downloaded other tools from the same labs.vmware website it did not block them and detect a Trojan.
Hi,
I received word this was triggered on a sonicwall as well - I'm looking into it now but there should be no virus. We've scanned the binary several times and have no viruses detected, nor should there be one since this was built from source. I'll be engaging our internal security just to be on the safe side and have the download analyzed for any issues.
Thanks for letting us know, but this should be considered safe.
Not sure what kind of detection was supposed to trigger it, but virustotal.com shows that not a single out of 52 virus scanners detects malicious code in the package:
MKguy,
Agreed - as I mentioned, this was built from source and zipped on my dev machine so it should be good. I'm not sure why the Dell 4500 or Sonicwall are triggering false positives on this, but we're looking into it. The download should definitely be considered safe.
Hi guys,
I'm one of the developers of this Fling. Rescanned the binary downloaded from the web site with McAfee, as well as online scanners like the following one, and not a single one out of 39 scanners reports a virus.
Probably a fake report by the specific firewall?
Just to follow up and tie up loose ends, I had VMware's security team, which has some really smart security experts, do a full analysis on the binary and site. There were no threats shown by either and both are verified safe.
Thanks for bringing this to our attention, but it has been verified a false positive. I would contact Dell/SonicWall to let them know about the matter.
Good news, thanks for everybody checking.
- This was a critical issue for us in a corporate environment as we have to adhere to our own security rules regardless of if we believe something is not true. The severity of a zbot Trojan on a master image could literally destroy everything for us and crash our entire Horizon View environment.
- I had opened a ticket with DELL the same day this issue was discovered with the file and/or website and/or the plugin button for the download used for this file from the labs.VMware website.
- We were not sure if a round robin was going on with the download button pointing to download1, download2, download3...and so on. But we were consistently being redirected to download3.
The combination of having to agree to "not use in a production environment", and the Trojan warning set off some serious red flags for us.
It looks like either Dell has whitelisted this for their SonicWall customers or something was fixed at VMware.
As of 9/10/14 I can now download the file behind our "Gateway Antivirus Service".