thanks a lot for the support,
upgrade did work out great in the end,
just had to update the IIS bindings and certificates back to the customized ones
Posts made by kf
-
RE: ProGetSetup5.3.6.exe - Kaspersky malware finding
-
RE: ProGetSetup5.3.6.exe - Kaspersky malware finding
A last question:
Is it somehow possible to repair a ProGet installation?
My installation is broken (at least it is nowhere shown as installed anymore, but services are still running and working).
So when running ProGetSetup5.3.6.exe, it shows initial setup screens instead of the upgrade screens.I would be grateful for tips on this, thank you very much!
-
RE: ProGetSetup5.3.6.exe - Kaspersky malware finding
Good news, they analyzed the installer again and confirmed a false-positive, they will update the detection database
Kasperskys answer:
Hello,Sorry, it was a false detection. It will be fixed.
Thank you for your help.Best regards,
Igor Loshchakov, Malware Analyst, Kaspersky -
RE: ProGetSetup5.3.6.exe - Kaspersky malware finding
Thank you for your anwer.
We will contact kaspersky and keep you updated. -
ProGetSetup5.3.6.exe - Kaspersky malware finding
Kaspersky Security for Windows Server 10.1.2.996 blocked the installation of ProGet5.3.6.exe because of malware (blocked file was LoupeViewer.exe, see screenshot at the end).
This happended when I tried to update ProGet to version 5.3.6 via ProGetSetup5.3.6.exe downloaded from https://my.inedo.com/downloads using „Traditional Installer“ link (https://my.inedo.com/services/legacy/downloads/proget/sql/5.3.6)
VirusTotal check result: 23 engines detected this file
https://www.virustotal.com/gui/file/51323ca85048c062d0336258d2f879f8e2eb9005ecff6feb6a5e87e9e1273727/detectionWe also contacted Kaspersy directly to clarify wether this is a false positive or not, sadly it is no false-positive.
Answer from Kaspersky:
Dear Sir or Madam,I would highly recommend to trust Kaspersky Enpoint Security, Security for Windows Server and Opentip.
It´s not an false positive.It´s an already known Malware / Trojaner, as UDS:Trojan.MSIL.Dnoper.agl.
You can read more about it here: https://threats.kaspersky.com/en/threat/Trojan.MSIL.Miner/Kaspersky Threat Intellligence portal report: https://opentip.kaspersky.com/845F0E5E391D7DA49CA546BEEAD97BFC0952E162F14AB32B7E8756B601B21D4E
Could you please check this and provide a cleaned installer?