ionet-official / io_launch_binaries


BitDefender Detecting Infected Web Page (Gen:Variant.Cerbu.197687 Crypto Locker Ransomware) #26

Closed jwbats closed 6 months ago

jwbats commented 6 months ago

I'm running BitDefender and am getting this when downloading the .exe.

Infected web page detected
3 minutes ago

Feature:
Online Threat Prevention

We blocked this dangerous page for your protection:
https://raw.githubusercontent.com/ionet-official/io_launch_binaries/main/io_net_launch_binary_windows.exe
Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.

I'm assuming this is a false positive, and still want to download it.

When I add the URL as an exception, it does not work.

When I add the folder, to which I'm trying to download it, as an exception, it also doesn't work.

When I temporarily disable BitDefender's 'Shield' feature, it also does not work.

For the life of me, I cannot download this file.

jwbats commented 6 months ago

Turning off web protection helped, but then it starts disinfecting the file.

jwbats commented 6 months ago

The message:

The file D:\Downloads\_Chrome\Unconfirmed 458444.crdownload is infected with Gen:Variant.Cerbu.197687. The threat has been successfully blocked, your device is safe.

The solution might be to just add an icon to the .exe:

https://stackoverflow.com/questions/58010466/bitdefender-detects-my-console-application-as-genvariant-ursu-56053

jwbats commented 6 months ago

This virus is apparently a crypto locker ransomware.

https://www.pcrisk.com/removal-guides/29737-diamond-duckcryptor-ransomware

Anyway, I'm not risking it anymore.

ilkhom19 commented 6 months ago

We are currently getting a certificate from Microsoft, so until then it will be flagged as a virus.

jwbats commented 6 months ago

It didn't do that with a previous version that I tried a few weeks earlier.

But it turned out my GPU wasn't even supported, so...

ilkhom19 commented 6 months ago

We have just released .exe binaries for Windows; before, there were none.

jwbats commented 6 months ago

Maybe it was an installer, then?

I know for a fact I ran this command a few weeks ago, on my first attempt.

No BitDefender warnings, back then.

ilkhom19 commented 6 months ago

Maybe you ran the Ubuntu binary in WSL?

jwbats commented 6 months ago

No, I'm on a Win10 machine. That's where I ran it.

The .exe was recently committed. It's definitely a newer version than the one I had before.

Maybe I ran an installer a few weeks ago?

Don't remember the detes.

ilkhom19 commented 6 months ago

Can you try the latest .exe?

jwbats commented 6 months ago

image

jackseg80 commented 6 months ago

Hi, same problem with Windows Defender on W11.

ilkhom19 commented 6 months ago

Please update the binary to the latest version and try again. We have signed the Windows binaries with a DigiCert certificate.
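
A check that can be run on the downloaded file before adding any antivirus exception, given as an added example that is not part of the thread or the project's own code. It assumes the file was saved as `io_net_launch_binary_windows.exe` in the current directory and that the issuer string contains `DigiCert`, as the last comment states; the function name `Test-DownloadedBinary` is hypothetical.

```powershell
# Added example, not from the thread: inspect a downloaded binary before trusting it.
# Assumptions: the default path and the 'DigiCert' issuer match are illustrative.
param(
    [string]$Path = '.\io_net_launch_binary_windows.exe',
    [string]$ExpectedIssuer = 'DigiCert'
)

function Test-DownloadedBinary {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$ExpectedIssuer
    )
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    $cert = $sig.SignerCertificate

    # 'Valid' means the file hash matches the signature and the chain is trusted locally.
    $reason = switch ($sig.Status) {
        'Valid'        { 'signature verifies' }
        'NotSigned'    { 'no embedded signature (older or unsigned build)' }
        'HashMismatch' { 'file contents changed after signing' }
        default        { $sig.StatusMessage }
    }
    # Substring match on the issuer is a coarse check; review Subject by eye as well.
    $issuerOk = ($null -ne $cert) -and ($cert.Issuer -like "*$ExpectedIssuer*")

    [pscustomobject]@{
        Path        = (Resolve-Path -LiteralPath $Path).Path
        SHA256      = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        Status      = $sig.Status
        Reason      = $reason
        Subject     = if ($cert) { $cert.Subject } else { $null }
        Issuer      = if ($cert) { $cert.Issuer } else { $null }
        Timestamped = $null -ne $sig.TimeStamperCertificate
        Trusted     = ($sig.Status -eq 'Valid') -and $issuerOk
    }
}

Test-DownloadedBinary -Path $Path -ExpectedIssuer $ExpectedIssuer | Format-List
```

`Trusted` is true only when the signature verifies and the issuer matches; the `SHA256` value can be compared against a hash published by the maintainers, if one exists.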