Gary Ewan Park
Gary Ewan Park
@SeanKilleen is there a reason that you closed this issue?
> @goshostoychev said... You can reproduce the issue by deleting the chocolatey folder in ProgramData and run the choco install script. This time, our antivirus said that the "infected" file...
And it you delete this file, and attempt the re-installation again? And, just to confirm, you are executing: ``` Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex...
> @goshostoychev said.... Yes, we are deleting the whole choco folder and we are re-installing it Can I ask that you be very clear about what you are referring to?...
Thank you for the clarification! During the fresh installation of Chocolatey CLI, the contents of the Chocolatey nupkg will be extracted to the TEMP folder, this is normal behaviour. What...
> @goshostoychev said... Did you made any changes your side or maybe after the next update of the antivirus definitions of ESET, the file is no longer marked as malicious?...
@goshostoychev given that this appears to be an isolated incident (i.e. we are not seeing this being reported by lots of people), I don't think there is anything that needs...
@m4ttyj can you confirm what anti-virus you are using, and what file it was triggering on?
@m4ttyj thank you for providing that screenshot. I am not sure how much help we will be able to be with this report. Chocolatey CLI does not install into that...
> @m4ttyj said... ESET deletes the file. Thank you for confirming, this helps with understanding what is going on, and answers some of the internal discussions that we have been...