So, I tried to install Lidarr on my Windows machine via the exe on the website, but my antivirus flagged it immediately. I am sure I could just work around this by disabling the antivirus for a bit or by composing it manually, but for all I know maybe someone inserted some malicious code. Is this an issue y’all have noticed? How can I tell if this is actually malicious?

  • Artwork
    24 hours ago

    Wonderful day!

    Depending on the anti-malware, it may be either a known signature or heuristics.
    - In the case of the former, the signature may be just a single use of a function inside the safe program that matches a malware that uses the same (e.g., in a thread or memory range the anti-malware probed);
    - Heuristics - may just be too restrictive local security settings;

    Yet, if you don’t have enough time to investigate it locally in isolated environments such as virtual machines/containers, debugging syscalls and activities in the file system, memory, network etc., there are less manual, or outsourced, options, including the commonly known ones:
    - https://opentip.kaspersky.com/
    - https://opentip.kaspersky.com/requests
    - https://www.virustotal.com/gui/
    - https://any.run/

    Please stay safe!

    • m4a@lemmy.dbzer0.com (OP)
      24 hours ago

      Thanks for the diagnostic tools! According to the tools, the software is probably safe, so I guess I’m gonna be trying disabling the antivirus while I install and hoping that avoids the problem. I’ll keep those tools bookmarked for future use.

      I personally find it funny that when I ran it through VirusTotal, there were only four antivirus vendors that marked it as malware, and the only two I have ever used were among them. It feels nice seeing my antiviruses being as paranoid as I think an antivirus should be.
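
The signature case described in the first reply, and the split verdicts seen on VirusTotal in the second, can be reproduced with a toy matcher. This is an added example, not part of the thread and not how any particular antivirus product works; the rule names, byte patterns and sample files are all constructed for illustration.

```python
"""Toy byte-pattern scanner: why a clean installer can match a 'known signature'."""

# Constructed byte strings standing in for files; none is real software or malware.
FILES = {
    "malware_sample": b"MZ\x90hdr DownloadUpdate\x00 WriteServiceConfig\x00 BEACON-7f3a",
    "clean_installer": b"MZ\x90hdr DownloadUpdate\x00 WriteServiceConfig\x00 License text",
    "unrelated_tool": b"MZ\x90hdr RenderWindow\x00 LoadFont\x00",
}

# Hypothetical rules. The loose rule fires on a single function name that
# ordinary installers also contain; the strict rule needs every pattern,
# including one that only appears in the constructed malware sample.
RULES = [
    {"name": "Loose.Generic", "patterns": [b"WriteServiceConfig"], "min_hits": 1},
    {"name": "Strict.Family",
     "patterns": [b"DownloadUpdate", b"WriteServiceConfig", b"BEACON-7f3a"],
     "min_hits": 3},
]


def rule_hits(rule, data):
    """Return {pattern: offset} for each of the rule's patterns found in data."""
    return {p: data.find(p) for p in rule["patterns"] if p in data}


def scan(data, rules=RULES):
    """Return the names of rules whose hit count reaches their threshold."""
    return [r["name"] for r in rules if len(rule_hits(r, data)) >= r["min_hits"]]


def report(files=FILES, rules=RULES):
    """Scan every sample file and map its name to the rules that fired."""
    return {name: scan(data, rules) for name, data in files.items()}


if __name__ == "__main__":
    for name, verdicts in report().items():
        print(f"{name:16} -> {verdicts or 'clean'}")
```

The clean installer trips only the loose rule, which is the kind of disagreement between engines a multi-scanner report shows; the offset returned by `rule_hits` tells you which bytes caused the match.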