wealthfolio icon indicating copy to clipboard operation
wealthfolio copied to clipboard
verified publisher icon afadil

Windows release of 1.1.0 is flagged by Kaspersky as containing PDM:Trojan.Win32.Generic

Open gmeligio opened this issue 7 months ago • 4 comments

I just upgraded to 1.1.0, which was detected and deleted by the Kaspersky Standard I have on my computer.

Versions

Wealtfolio version: 1.1.0 Kaspersky Standard version: 21.20.8.505 Windows 11 version: 10.0.22631

Log

Event: Malicious object detected Application: Wealthfolio User: DESKTOP-123\User User type: Initiator Component: System Watcher Result description: Detected Type: Trojan Name: PDM:Trojan.Win32.Generic Threat level: High Object type: Process Object path: C:\Windows\Installer\Config.Msi Object name: 32770ac.rbf Reason: Behavior analysis Databases release date: Yesterday, 18/05/2025 18:22:00 MD5: C5120E62565F4EA0A2F74D8EEFA4CE6F

Image

gmeligio avatar May 19 '25 07:05 gmeligio

This probably because Windows installer is not signed. https://v2.tauri.app/distribute/sign/windows/

afadil avatar May 19 '25 19:05 afadil

That's probably it. Is it possible to sign the Windows release?

gmeligio avatar May 19 '25 21:05 gmeligio

Will probably do soon. I need to buy a signing certificate. Tauri signing Procedure is here : https://v2.tauri.app/distribute/sign/windows/

afadil avatar May 20 '25 22:05 afadil

Thanks. That would be great. I was looking into it a little bit and found in this issue https://github.com/sigstore/fulcio/issues/250#issuecomment-2357533005 that you can maybe find a free code signing certificate.

It looks like https://signpath.org/ supports free code signing for open source projects like wealthfolio

gmeligio avatar May 21 '25 07:05 gmeligio