Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TraktForVLC_2.0.0a2.dev19.g7851368_windows_x64.exe considered virus by Kaspersky #125

Open
dariottolo opened this issue Jul 25, 2018 · 2 comments
Open

TraktForVLC_2.0.0a2.dev19.g7851368_windows_x64.exe considered virus by Kaspersky #125

dariottolo opened this issue Jul 25, 2018 · 2 comments

Comments

@dariottolo
Copy link

Dear all,

I tried to install on a Windows machine running Kaspersky Internet security.
If I scan the installation file KIS says it's safe.
Once I run it, the installation is blocked and KIS deletes even the installation file with the following error:

25.07.2018 19.09.05;Removed malware;PDM:Trojan.Win32.Generic;D:\Downloads\TraktForVLC_2.0.0a2.dev19.g7851368_windows_x64.exe;d:\downloads\traktforvlc_2.0.0a2.dev19.g7851368_windows_x64.exe;07/25/2018 19:09:05
I would prefer not to disable the antivirus in order to install, and I am not sure it will not be deleted once I restart it.

Thank you in advance.

Regards
@XaF
Copy link
Owner

XaF commented Jul 25, 2018

Hi @dariottolo,

This is kind of weird that this is identified as a malware. It might be because on windows, the tool needs to open a port to communicate between the python and lua parts of the tool.

At which step of the install process does Kaspersky remove it?

Is there a way to have more details about the reason why it finds it as a malware? (win32 generic is weird...)

Has this happened multiple times?

Might be interesting to inquire more on the Kaspersky side, as - except if it has been tampered with during your download - this is just a Python script bound together with pyinsgaller. I will probably need to add the sha1/md5 of the files on the download page in order to insure that the file you downloaded is the actual file provided on the website!

@dariottolo
Copy link
Author

dariottolo commented Jul 25, 2018
edited

Thanks for your reply.

Those are the steps:

  • download the installation file from github
  • scan it with Kaspersky: it says it's clean
  • run your installation file as administrator
  • a cmd window opens, with vlc parameters. I type "y" and hit "enter"
  • at this point Kaspersky Internet Security says there is an infection. It stops the installation process and delete the installation file.

I attach you the most detailed log I could produce.

The type of warning is very generic, but I have no idea if it is a standard error message Kaspersky displays if it can not identify the threat as a virus it knows, but still feels something wrong is happening.

And it happened a few weeks ago, in the same way. I can not remember which version I was trying to install.

As I wrote earlier, I do not think the problem is with the file I downloaded, because if I scan it, Kaspersky says there are no issue. The problem is that during the installation process, Kaspersky think something is behaving like a virus, maybe modifying some "system file", therefore stopping the thing and deleting every file involved.

I know I am asking too much, but if you want to replicate the issue, they offer some trial version. I am running KIS 19.0.0.1088

Thank you very much for your attention.

Regards

log.txt

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@XaF @dariottolo