xpra icon
Bug tracker and wiki

Opened 4 weeks ago

Last modified 12 hours ago

#2088 new defect

Bitdefender Endpoint Security Tools

Reported by: stdedos Owned by: stdedos
Priority: minor Milestone: 2.5
Component: core Version: 2.4.x
Keywords: Cc:

Description

Bitdefender Endpoint Security Tools after "An update process has been completed successfully.Product version: 6.6.7.99. Engines version: 7.78724 (12155221)", started recognizing the installers from the following files as Malware

Xpra-x86_64_Setup_2.5-r21225.exe
Xpra-x86_64_Setup_2.5-r21159.exe

I have verified the hashes (but not the signatures) of the files.

I understand that it's not your fault, and that they are heuristics etc; however, if there is something you could do (or have changed) would be nice to fix it. Unfortunately Bitdefender Endpoint Security Tools does not give the "analyse" option, or anything of the sorts.

Attachments (2)

epconsole_2018-12-19_11-12-26.png (38.3 KB) - added by stdedos 4 weeks ago.
epconsole_2018-12-19_11-13-26.png (47.3 KB) - added by stdedos 4 weeks ago.

Download all attachments as: .zip

Change History (5)

Changed 4 weeks ago by stdedos

Changed 4 weeks ago by stdedos

comment:1 Changed 4 weeks ago by Antoine Martin

Owner: changed from Antoine Martin to stdedos

Can you figure out at which revision this problem started?
Can you paste the warning messages in text form? (they are truncated at the moment in the screenshot)

My best guess is #1988.
This cannot be reverted, it saves a lot of time when installing and some disk space.

comment:2 Changed 4 weeks ago by stdedos

Even Xpra-x86_64_Setup_2.3.4-r20590.exe is failing:

C:\Program Files\Xpra\Audio_Devices.exe is malware of type Gen:Variant.Fugrafa.840

Unfortunately, BEST is ... the worst in this. So, apart from the above representative message, the other one is:

C:\Program Files\Xpra\Audio_Devices.exe is malware of type Gen:Suspicious.Cloud.4.dO0@aOEgVzgi

I believe you can see enough for the messages; basically, it likes nothing executable (whether it's "named" .exe or not)

Since there are so many variants (and I already tested the oldest available from the Beta), I would appreciate if you asked me a specific version to test.

And the official version fails too:

C:\Program Files\Xpra\Audio_Devices.exe is malware of type Gen:Variant.Fugrafa.840
Last edited 4 weeks ago by stdedos (previous) (diff)

comment:3 Changed 12 hours ago by Antoine Martin

Please try the 32-bit builds and let me know if those are also detected as malware.

Note: See TracTickets for help on using tickets.