TraktForVLC_2.0.0a2.dev19.g7851368_windows_x64.exe considered virus by Kaspersky

[dariottolo]

Dear all,

I tried to install on a Windows machine running Kaspersky Internet security. If I scan the installation file KIS says it's safe. Once I run it, the installation is blocked and KIS deletes even the installation file with the following error:

25.07.2018 19.09.05;Removed malware;PDM:Trojan.Win32.Generic;D:\Downloads\TraktForVLC_2.0.0a2.dev19.g7851368_windows_x64.exe;d:\downloads\traktforvlc_2.0.0a2.dev19.g7851368_windows_x64.exe;07/25/2018 19:09:05 I would prefer not to disable the antivirus in order to install, and I am not sure it will not be deleted once I restart it.

Thank you in advance.

Regards

[XaF]

Hi @dariottolo,

This is kind of weird that this is identified as a malware. It might be because on windows, the tool needs to open a port to communicate between the python and lua parts of the tool.

At which step of the install process does Kaspersky remove it?

Is there a way to have more details about the reason why it finds it as a malware? (win32 generic is weird...)

Has this happened multiple times?

Might be interesting to inquire more on the Kaspersky side, as - except if it has been tampered with during your download - this is just a Python script bound together with pyinsgaller. I will probably need to add the sha1/md5 of the files on the download page in order to insure that the file you downloaded is the actual file provided on the website!

[dariottolo]

Thanks for your reply.

Those are the steps:

• download the installation file from github
• scan it with Kaspersky: it says it's clean
• run your installation file as administrator
• a cmd window opens, with vlc parameters. I type "y" and hit "enter"
• at this point Kaspersky Internet Security says there is an infection. It stops the installation process and delete the installation file.

I attach you the most detailed log I could produce.

The type of warning is very generic, but I have no idea if it is a standard error message Kaspersky displays if it can not identify the threat as a virus it knows, but still feels something wrong is happening.

And it happened a few weeks ago, in the same way. I can not remember which version I was trying to install.

As I wrote earlier, I do not think the problem is with the file I downloaded, because if I scan it, Kaspersky says there are no issue. The problem is that during the installation process, Kaspersky think something is behaving like a virus, maybe modifying some "system file", therefore stopping the thing and deleting every file involved.

I know I am asking too much, but if you want to replicate the issue, they offer some trial version. I am running KIS 19.0.0.1088

Thank you very much for your attention.

Regards

log.txt