Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Windows Defender reports Trojan virus in freshly downloaded release #69

Open
LogixTheDev opened this issue Mar 31, 2024 · 8 comments
Open

Windows Defender reports Trojan virus in freshly downloaded release #69

LogixTheDev opened this issue Mar 31, 2024 · 8 comments

Comments

@LogixTheDev
Copy link

Windows Defender is reporting a Trojan:Win32/ScarletFlash!MSR threat in padlock.dll within the files downloaded from your x86_64-13.2.0-release-win32-seh-msvcrt-rt_v11-rev0.7z release package.

This could be a false positive but since I'm no expert, I'm reporting it to you either way.

image
@starg2
Copy link
Contributor

starg2 commented Mar 31, 2024

This is a duplicate of #56.

@LogixTheDev
Copy link
Author

This is a duplicate of #56.

Thanks, I had looked at that report, however they're talking about Trojan.Gen.MBT, and this is reporting Trojan:Win32/ScarletFlash!MSR. These would appear to be different.

Either way, I've done my part in due diligence... if you're confident that this is the same issue then by all means feel free to close this issue, but please do verify that this is either a false positive, or the different programs are reporting the same virus under different names (though I would think this would be unlikely, it's more likely that they are separate).

( I also don't know what's up with @sfhacker trying to downvote the issue report... I'm literally just reiterating the facts as they're presented to me. If there's a problem with the report, you need to tell me what it is. Are you unhappy because you're the one who put a virus in the file and you didn't want people to notice? That's the only reason I can think of for you to downvote a virus report! )

@ericLemanissier
Copy link
Contributor

Same thing happened for me: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Trojan%3AWin32%2FScarletFlash!MSR&threatid=2147894063
@niXman do you know what this padlock.dll is used for ? Can we simply remove it ?

@niXman
Copy link
Owner

niXman commented Aug 23, 2024

do you know what this padlock.dll is used for ? Can we simply remove it ?

i dont know.
could you please research for this?

@starg2
Copy link
Contributor

starg2 commented Aug 24, 2024

padlock.dll is part of OpenSSL. It accelerates AES encryption and SHA calculation by utilizing VIA PadLock instructions supported by VIA x86 processors.

@niXman
Copy link
Owner

niXman commented Sep 3, 2024

Can we find out WHO placed that infamous DLL in this installer?

sure, - Github-Actions =)

@starg2 are these processors still being produced?
I'll paraphrase: does it make sense to supply padlock.dll as part of the builds?

@starg2
Copy link
Contributor

starg2 commented Sep 4, 2024

@starg2 are these processors still being produced?

At least, the company is still in operation...

I'll paraphrase: does it make sense to supply padlock.dll as part of the builds?

Actually no, but msys2 has been distributing it without issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@niXman @ericLemanissier @starg2 @LogixTheDev and others