[Invalid] trojan

Archive of historical bug reports.
Please use the GitHub link above to report issues.
Forum rules
*******************************
Please be aware we are now using GitHub for issue tracking and feature requests.
- This section of the forum is now closed to new topics.

*******************************
Post Reply
bucaneiro
Posts: 6
Joined: Thu Jul 07, 2016 1:24 am

[Invalid] trojan

Post by bucaneiro » Thu Jul 07, 2016 1:27 am

Please describe the problem in as much detail as possible:
HandBrake-20160705-7745f42_x86_64-Win_GUI.exe Download 816ca9045d48f31c513867dbb39ab0f017005765

06.07.2016 22.19.33;O objeto detectado (arquivo) foi excluído.;C:\Program Files\HandBrake Nightly\uninst.exe;C:\Program Files\HandBrake Nightly\uninst.exe;Trojan-Ransom.NSIS.Onion.xfy;Cavalos de Troia;07/06/2016 22:19:33

detected with kaspersky

bucaneiro
Posts: 6
Joined: Thu Jul 07, 2016 1:24 am

Re: trojan

Post by bucaneiro » Thu Jul 07, 2016 1:24 pm

06.07.2016 22.19.33;O object detected (file) was excluded.;C:\Program Files\HandBrake Nightly\uninst.exe;C:\Program Files\HandBrake Nightly\uninst.exe;Trojan-Ransom.NSIS.Onion.xfy;Trojan horse;07/06/2016 22:19:33

Woodstock
Veteran User
Posts: 3213
Joined: Tue Aug 27, 2013 6:39 am

Re: trojan

Post by Woodstock » Thu Jul 07, 2016 1:39 pm

Submit the link you downloaded from to your antivirus program's test site. Quite often, antivirus products use overly-broad tests, with the idea that it is better to have 99 false positives than miss 1 real threat. There are some tests that would flag important Windows files as dangerous, but there are exclusions written into the programs to let them go.

That problem showed up a couple of months ago over on the MakeMKV forum - because the update server is in Russia, one antivirus vendor flagged it as malware, until someone submitted the download link for review. Just as quickly as it was flagged as malware, it was flagged as being safe.

Extee
New User
Posts: 1
Joined: Sat Jul 09, 2016 11:33 pm

Re: trojan

Post by Extee » Sat Jul 09, 2016 11:40 pm

I just got a trojan detection from Microsoft Security Essentials on Windows 7.
It didn't like the C:\Program Files\HandBrake Nightly\uninst.exe file and quarantined it due to "Trojan:Win32/Rundas!plock"
This was while installing the latest nightly build
HandBrake-20160709-0fc54d0_x86_64-Win_GUI.exe

I submitted the file to Microsoft here:
https://www.microsoft.com/en-us/securit ... ubmit.aspx

But I'm not sure if I need to extract the files and submit that one separately?

Post Reply