sabrogden / Ditto

Ditto is an extension to the Windows Clipboard. You copy something to the Clipboard and Ditto takes what you copied and stores it in a database to retrieve at a later time.
https://ditto-cp.sourceforge.io/
3.94k stars 208 forks source link

Ditto.exe detected as malware #322

Open flatlinebb opened 2 years ago

flatlinebb commented 2 years ago

BitDefender is detecting the Ditto executable as malware and it keeps blocking from functioning:

image

Detection details THREAT INFO Threat type: Virus Threat name: Gen:Variant.Lazy.231576 Detected on: 10 Aug 2022 10:21 Action taken: Blocked (1 times) Detecting module: Antimalware Detecting technology: On-Access FILE INFO Category: File File path: C:\Program Files\Ditto\Ditto.exe SHA256: f0657b4613f91bd8f6a676f9e30a61b53bfb522ec8c727178d99105ee22ee40c

I keep adding it exceptions, but it isn't effective - BitDefender just keeps deleting it.

SeriousHoax commented 2 years ago

BitDefender is detecting the Ditto executable as malware and it keeps blocking from functioning:

image

Detection details THREAT INFO Threat type: Virus Threat name: Gen:Variant.Lazy.231576 Detected on: 10 Aug 2022 10:21 Action taken: Blocked (1 times) Detecting module: Antimalware Detecting technology: On-Access FILE INFO Category: File File path: C:\Program Files\Ditto\Ditto.exe SHA256: f0657b4613f91bd8f6a676f9e30a61b53bfb522ec8c727178d99105ee22ee40c

I keep adding it exceptions, but it isn't effective - BitDefender just keeps deleting it.

Looks like the false positive has been fixed. BTW, is this an Enterprise Edition of Bitdefender? If I remember correctly, the home versions don't have such detailed log with hash.

flatlinebb commented 2 years ago

Yes, it's the Enterprise version. I run Ditto on my work laptop. Can't live without it.

On Thu, Aug 25, 2022 at 3:40 AM SeriousHoax @.***> wrote:

BitDefender is detecting the Ditto executable as malware and it keeps blocking from functioning:

[image: image] https://user-images.githubusercontent.com/4769578/183977766-029f7d99-b8ed-4706-8e3d-4c680cd7ca41.png

Detection details THREAT INFO Threat type: Virus Threat name: Gen:Variant.Lazy.231576 Detected on: 10 Aug 2022 10:21 Action taken: Blocked (1 times) Detecting module: Antimalware Detecting technology: On-Access FILE INFO Category: File File path: C:\Program Files\Ditto\Ditto.exe SHA256: f0657b4613f91bd8f6a676f9e30a61b53bfb522ec8c727178d99105ee22ee40c

I keep adding it exceptions, but it isn't effective - BitDefender just keeps deleting it.

Looks like the false positive has been fixed. BTW, is this an Enterprise Edition of Bitdefender? If I remember correctly, the home versions don't have such detailed log with hash.

— Reply to this email directly, view it on GitHub https://github.com/sabrogden/Ditto/issues/322#issuecomment-1227086980, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABEMOKTWUJKCKTVNJ34TQRLV25EQHANCNFSM56FKXPIA . You are receiving this because you authored the thread.Message ID: @.***>

SeriousHoax commented 2 years ago

Yes, it's the Enterprise version. I run Ditto on my work laptop. Can't live without it. On Thu, Aug 25, 2022 at 3:40 AM SeriousHoax @.> wrote: BitDefender is detecting the Ditto executable as malware and it keeps blocking from functioning: [image: image] https://user-images.githubusercontent.com/4769578/183977766-029f7d99-b8ed-4706-8e3d-4c680cd7ca41.png Detection details THREAT INFO Threat type: Virus Threat name: Gen:Variant.Lazy.231576 Detected on: 10 Aug 2022 10:21 Action taken: Blocked (1 times) Detecting module: Antimalware Detecting technology: On-Access FILE INFO Category: File File path: C:\Program Files\Ditto\Ditto.exe SHA256: f0657b4613f91bd8f6a676f9e30a61b53bfb522ec8c727178d99105ee22ee40c I keep adding it exceptions, but it isn't effective - BitDefender just keeps deleting it. Looks like the false positive has been fixed. BTW, is this an Enterprise Edition of Bitdefender? If I remember correctly, the home versions don't have such detailed log with hash. — Reply to this email directly, view it on GitHub <#322 (comment)>, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABEMOKTWUJKCKTVNJ34TQRLV25EQHANCNFSM56FKXPIA . You are receiving this because you authored the thread.Message ID: @.>

I also use Ditto, but it's not detected anymore. Bitdefender has fixed the false positive.

sjvudp commented 10 months ago

I also use Ditto, but it's not detected anymore. Bitdefender has fixed the false positive.

Anyway, the correct address would have been Bitdefender for the false alert. The author of Ditto has probably little influence on what Bitdefender does. Some "security tools" are just stupid.

SeriousHoax commented 10 months ago

I also use Ditto, but it's not detected anymore. Bitdefender has fixed the false positive.

Anyway, the correct address would have been Bitdefender for the false alert. The author of Ditto has probably little influence on what Bitdefender does. Some "security tools" are just stupid.

Yes, submitting to the vendors should be the way to go if someone is sure about something not being a malware. Most well-known security vendors are quick to fix false positives once reported.