Closed centuryx476 closed 3 years ago
Also just started getting this.
Glad I'm not alone. I took FastFlix out and am now doing a deep scan of the entire computer.
Thanks for the heads up, I'll send a sample to Microsoft to hopefully get that cleared up
This is most likely a byproduct of using PyInstaller / possibly UPX to package the code. As soon as other, more nefarious stuff uses the same packaging program, everything similar gets flagged. (It's of course always possible to just run the code with Python directly, so you don't have to worry about the binary packaging process having the remote chance of sneaking anything in: https://github.com/cdgriffith/FastFlix#running-from-source-code)
I have submitted the false positive report to Microsoft, so now just have to wait until they check it out.
Awesome, let's keep this open till we get a response from Microsoft or the false positive is added to the Microsoft Defender list.
Ok it's cleared up. May take a few days for signatures to update in Defender.
fastflix.exe
Submission ID: b43460cf-68f8-4f07-8d9c-123b40daf4f6
Status: Completed
Submitted: Jun 5, 2021 1:55:48 PM
User Opinion: PuaFalsePositive
Analyst comments:
We have removed the detection. Please follow the steps below to clear cached detection and obtain the latest malware definitions.
1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run "MpCmdRun.exe -removedefinitions -dynamicsignatures"
3. Run "MpCmdRun.exe -SignatureUpdate"
Tree View fastflix.exe
Cloud Not malware No malware detected
Client Not malware No malware detected
Yup, looks like Windows Defender is happy. High fives all around.
Windows did a scan and found this