Windows 10 is detecting Malware in the code base

Open sgcitinnov opened this issue 8 years ago • 15 comments

  • Operating system: Windows 10
  • Pencil version: Latest build

Today I cloned the code base to find that Windows Defender is reporting the existence of a Win32/Varpes variant: https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=Trojan%3aWin32%2fVarpes.M!cl&threatid=2147708972&enterprise=0

Really puts me off using Pencil - which otherwise looks great.

sgcitinnov avatar Aug 02 '16 15:08 sgcitinnov

same here, downloaded directly from the website.

ernestoamg avatar Aug 02 '16 20:08 ernestoamg

Those are false positives.

Atom has some false positives, too: atom/atom#3927 And Electron: electron/electron#4485

https://virustotal.com/en/file/aaa73a47bdbad46bc2e725f56aa44e6f5605219d5e726b9f9d9ced9077a66534/analysis/

mbrainiac avatar Aug 03 '16 03:08 mbrainiac

You submitted this file version: 3.0.0-rc.1.4, where can we download that one?

ernestoamg avatar Aug 03 '16 15:08 ernestoamg

@ernestoamg It's Pencil 3.0.0-rc.1 :)

mbrainiac avatar Aug 04 '16 07:08 mbrainiac

@ernestoamg Yes, it's the latest rc1 EXE installer available at: https://github.com/evolus/pencil/releases/download/v3.0.0-rc.1/Pencil-Setup-3.0.0-rc.1.exe

    $ sha256sum Desktop/Pencil-Setup-3.0.0-rc.1.exe
    aaa73a47bdbad46bc2e725f56aa44e6f5605219d5e726b9f9d9ced9077a66534  Desktop/Pencil-Setup-3.0.0-rc.1.exe

dgthanhan avatar Aug 04 '16 07:08 dgthanhan

Thanks to all for the quick feedback on this one. Clearly it's up to you guys in terms of what you do about this issue. I work in a research organisation on a PC that has components of the OS managed for me (such as security). Due to this problem I won't be able to use the latest version of Pencil since the OS shuts Pencil down. This is just one user story - I add it just for information.

In the meantime, keep up the good work! I'll be back using Pencil as soon as I can.

sgcitinnov avatar Aug 04 '16 08:08 sgcitinnov

I have downloaded the last RC version but the problem is still present.

gigios avatar Aug 04 '16 08:08 gigios

Same problem @gigios @sgcitinnov

leoguzmo avatar Aug 05 '16 01:08 leoguzmo

Same problem with 3.0.0-rc.1. Above this shows that this is closed. Is that fixed in file version: 3.0.0-rc.1.4? If so, where is that and why isn't it the latest download?

RonR-WebDesign avatar Aug 09 '16 00:08 RonR-WebDesign

The closed one is the #85 which is a duplication of this, not this one. The way GitHub is showing information of related issues seems to cause too much confusion.

dgthanhan avatar Aug 11 '16 00:08 dgthanhan

This is where we are confused. Marking an issue Closed sounds like the issue is fixed.

RonR-WebDesign avatar Aug 11 '16 00:08 RonR-WebDesign

This ticket isn't closed RonR, scroll up top and note the green "Open" to confirm, tickets #85 and #111 have both been closed as duplicates of this ticket.

deserted avatar Aug 11 '16 03:08 deserted

I think the problem is with a single vendor and as such you should report the false positive to Microsoft so they can whitelist it or something.

see https://www.microsoft.com/en-us/security/portal/submission/submit.aspx

larvanitis avatar Aug 11 '16 06:08 larvanitis

Symantec Endpoint Protection has quarantined it here too so it would appear not to be a single vendor issue.

eadafm avatar Nov 30 '16 10:11 eadafm

Disabling Windows Defender does the trick or just allow exceptions from the rule.

silkentrance avatar Jun 18 '21 16:06 silkentrance