Navigation

    Inedo Community Forums

    Forums

    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. kf
    3. Posts
    K
    • Profile
    • Following
    • Followers
    • Topics
    • Posts
    • Best
    • Groups

    Posts made by kf

    • RE: ProGetSetup5.3.6.exe - Kaspersky malware finding

      thanks a lot for the support,
      upgrade did work out great in the end,
      just had to update the IIS bindings and certificates back to the customized ones

      posted in Support
      K
      kf
    • RE: ProGetSetup5.3.6.exe - Kaspersky malware finding

      A last question:

      Is it somehow possible to repair a ProGet installation?
      My installation is broken (at least it is nowhere shown as installed anymore, but services are still running and working).
      So when running ProGetSetup5.3.6.exe, it shows initial setup screens instead of the upgrade screens.

      I would be grateful for tips on this, thank you very much!

      posted in Support
      K
      kf
    • RE: ProGetSetup5.3.6.exe - Kaspersky malware finding

      Good news, they analyzed the installer again and confirmed a false-positive, they will update the detection database

      Kasperskys answer:
      Hello,

      Sorry, it was a false detection. It will be fixed.
      Thank you for your help.

      Best regards,
      Igor Loshchakov, Malware Analyst, Kaspersky

      posted in Support
      K
      kf
    • RE: ProGetSetup5.3.6.exe - Kaspersky malware finding

      Thank you for your anwer.
      We will contact kaspersky and keep you updated.

      posted in Support
      K
      kf
    • ProGetSetup5.3.6.exe - Kaspersky malware finding

      Kaspersky Security for Windows Server 10.1.2.996 blocked the installation of ProGet5.3.6.exe because of malware (blocked file was LoupeViewer.exe, see screenshot at the end).

      This happended when I tried to update ProGet to version 5.3.6 via ProGetSetup5.3.6.exe downloaded from https://my.inedo.com/downloads using „Traditional Installer“ link (https://my.inedo.com/services/legacy/downloads/proget/sql/5.3.6)

      VirusTotal check result: 23 engines detected this file
      https://www.virustotal.com/gui/file/51323ca85048c062d0336258d2f879f8e2eb9005ecff6feb6a5e87e9e1273727/detection

      We also contacted Kaspersy directly to clarify wether this is a false positive or not, sadly it is no false-positive.
      Answer from Kaspersky:
      Dear Sir or Madam,

      I would highly recommend to trust Kaspersky Enpoint Security, Security for Windows Server and Opentip.
      It´s not an false positive.

      It´s an already known Malware / Trojaner, as UDS:Trojan.MSIL.Dnoper.agl.
      You can read more about it here: https://threats.kaspersky.com/en/threat/Trojan.MSIL.Miner/

      Kaspersky Threat Intellligence portal report: https://opentip.kaspersky.com/845F0E5E391D7DA49CA546BEEAD97BFC0952E162F14AB32B7E8756B601B21D4E

      Could you please check this and provide a cleaned installer?

      kaspersky-finding2.png

      posted in Support
      K
      kf
    • 1 / 1