If you right click it and go to details, it does properly label itself as "aniDL.exe". There is a bug report for the exact version of pkg I currently use, so I should look into updating the pkg dependency: Ĭlick to expand.I appreciate that, I also looked into a little more on my own, and on my own system this is how it appears.Īs for why it's called "Windows PowerShell" good question, but that's the title of the window (notice it has the Nodejs logo). The packager we use for reference is node pkg. I actually stopped using Electron because that was an issue. I believe it to be a false positive raised from the upstream package we use to actually bundle the software. UPDATE: For additional information, here are the virustotal results for the 7z of the gui for windows, and the executable itself respectivelyġ) I am, though I'm not sure what causes it. It does this by making use of node.exec, which can be seen in the compilation file (tsc.ts & build.ts), and the merger file in ()Īll in all, I appreciate the concern and I hope this answers your questions! There is a bug report for the exact version of pkg I currently use, so I should look into updating the pkg dependency: Ģ) I don't believe so, I'm aware bit defender doesn't like the curl requests we make sometimesģ) It is absolutely a false positive and not a security threat, the code is completely open source and you can compile it yourself if you wishĪs for the powershell, I don't believe it does make use of powershell, but it does execute commands on the system for merging files using mkvmerge or ffmpeg (depending on what's available). Your timely response and clarification on these matters would greatly relieve my worries and assure me of the safety of your software.Ĭlick to expand.1) I am, though I'm not sure what causes it. These concerns are particularly relevant given the Trojan detection in a tool that invokes PowerShell, which raises the possibility that the tool could misuse PowerShell for malicious activities. Given the potential security risks associated with PowerShell (if invoked or controlled by malicious programs), such as execution of malicious scripts, bypassing security measures, and potential for "living-off-the-land" attacks, I would appreciate your clarification on why your software requires it. Can you confirm this is a false positive and not an actual security threat?Īdditionally, I noticed that your software makes use of PowerShell.Are there any elements of your software that could lead an antivirus program to flag it as a Trojan?.Could you let me know if you're aware of this issue? Has any other user reported it?.I have the following questions for your attention: However, considering the potential damage a real Trojan could inflict, I am sure you can appreciate my concern. I understand that antivirus detections can sometimes yield false positives, particularly when sophisticated scripting or programming methods are involved. The scan reported a potential Trojan: "32.2853154". I downloaded and ran your software and performed a routine security scan using antivirus software and OSINT.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |