A total refund for pro version I paid
Threat: Infected archive
Detected by module: Scanner
Time of detection: 12/22/25 11:57 PM
Object name: app.asar
Owner: root
Modified: 12/22/25 11:57 PM
Size: 98.20 MB
Path:
/snap/mailspring/550/usr/share/mailspring/resources/app.asar
Last action: Delete; Result: Failed - Permission denied.
Detected threats:
app.asar/_postinstall.js - infected with JS.Siggen5.44590
A few minutes of googling will confirm that a particular library (I’m guessing es5-ext?) is flagged as a “Virus” by a Russian anti-virus for reasons that are are more, well, political versus actually malicious:
It is not a virus.
One of the software libraries I rely on to create the Social Stream Ninja (standalone app) is es5-ext. Since 2022, that library began printing to the developer output an Anti-War message when it is installed/compiled. The message only targets Russian software developers who are using the library, based on their time-zone settings.
The message essentially reads: Russia’s invasion of Ukraine, the largest European conflict since WWII, has caused massive casualties and is fueled by government censorship. Seek out alternative views to help prevent further conflicts.
VirusTotal shows that only DrWeb lists it as a virus. DrWeb is a Russian anti-virus scanner and considers the message malicious.