FastFlix icon indicating copy to clipboard operation
FastFlix copied to clipboard

Published 20 hours ago verified publisher icon cdgriffith

Fastflix is detected as Trojan since today

Open MrWGT opened this issue 2 years ago • 3 comments
trafficstars

FastFlix Version: 5.5.7 downloaded from github releases

Operating System: Win 11 Describe the bug A clear and concise description of what the bug is.

Win 11 detects Fastflix since today as

Trojan:Win32/Bearfoos.A!ml Detected by Microsoft Defender Antivirus

and is automatically removed.

To Reproduce Steps to reproduce the behavior Don't know? Latest Defender Update?

Screenshots If applicable, add screenshots to help explain your problem.

Logs (If applicable) In FastFlix you can go to Help > Open Log Directory and sort by latest to find the newest log file to add here.

Please make sure to remove any personal information or video names in the screenshots and logs!

MrWGT avatar Oct 02 '23 15:10 MrWGT

VirusTotal doesn't seem to detect this on the zip: https://www.virustotal.com/gui/url/244111ae3eb22bbb5367cf2971e982d095f5b39a059abad53dc22640457c090b

But def detects it on the exe for several antivirus: https://www.virustotal.com/gui/file/0e3df4b2a588fa2941d0f8e0a316e5257387e8adac1f1335c5572ac11f43028f

The latest installer does not have the issue: https://www.virustotal.com/gui/url-analysis/u-9d8b73405f06dc956a18024aaafd97d9723edc72f43701967605dc62660ab69a-1696610155

The latest mac executable doesn't seem to have such an issue: https://www.virustotal.com/gui/file-analysis/MTU5N2U0NjNmNTlkNjUwOWYwYmQ3MjY0NjE1ZDhmM2E6MTY5NjYxMDExNQ==

RayBB avatar Oct 06 '23 16:10 RayBB

Anytime there is a Pyinstaller update it will probably be re-flagged by some. As I use the same program to create the EXE as a lot of others, plenty of whom do so maliciously, the anti-viruses understandably err on the side of caution.

~~Basically make sure the EXE has been digitally signed by me and should be safe https://github.com/cdgriffith/FastFlix/issues/274#issuecomment-959717295~~

EDIT: No longer signed after 2024-10-11 - https://github.com/cdgriffith/FastFlix/issues/595

cdgriffith avatar Nov 05 '23 20:11 cdgriffith

Just for your awareness, the installed exe also have this problem.

afbeelding

unggulzmalqp avatar Nov 09 '23 07:11 unggulzmalqp

FastFlix executables are getting tripped as virus on some AVs such as bitwarden. If that happens to you,

  1. ~~Double check the EXE is digitally signed by me (right click, properties, digital signatures. Should show "Chris Griffith").~~
  2. Report it to your AV provider as a false positive.

This happens when the packager PyInstaller (the thing used to make the EXEs for windows) updates to newer versions. Due to everyone, including bad actors, using it to make EXEs, so new malware is found with similar code and they flag anything close.

This can affect both the installer itself, as well as the FastFlix.exe executable.

EDIT: No longer signed after 2024-10-11 - https://github.com/cdgriffith/FastFlix/issues/595

cdgriffith avatar Jun 16 '24 23:06 cdgriffith