You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Kaspersky Antivirus is identifying Podman 5.0.2 windows installer as containing a trojan:
Evento: Objeto malicioso detectado
Usuário: \lucio
Tipo de usuário: Iniciador
Nome do aplicativo: msiexec.exe
Caminho do aplicativo: C:\Windows\System32
Componente: Proteção Contra Ameaças ao Arquivo
Resultado da descrição: Detectado
Tipo: Cavalo de Troia
Nome: UDS:Trojan-Downloader.Win32.Agent.xycrkr
Precisão: Exatamente
Nível de ameaça: Alto
Tipo de objeto: Arquivo
Nome do objeto: podman.msi
Caminho do objeto.: C:\Users\lucio\scoop\apps\podman\5.0.2_tmp\AttachedContainer
SHA256 de um objeto: 7782D13A50F1A181C32E468F31503A494365D5AD1AB3D9427886DE5E30055EF7
MD5 de um objeto: 3F27E0C48207CFD2E843720DE5A06FDC
Motivo: Proteção na Nuvem
If installing Podman 5.0.2 with the stand-alone installer, the installation goes well, but Kaspersky identifies podman.exe as "UDS:DangerousObject-MultiGeneric" threat:
Evento: Objeto malicioso detectado
Usuário:
Tipo de usuário: Iniciador
Nome do aplicativo: msiexec.exe
Caminho do aplicativo: C:\Windows\System32
Componente: Proteção Contra Ameaças ao Arquivo
Resultado da descrição: Detectado
Nome: UDS:DangerousObject.Multi.Generic
Precisão: Exatamente
Nível de ameaça: Alto
Tipo de objeto: Arquivo
Nome do objeto: podman.exe
Caminho do objeto.: C:\Program Files\RedHat\Podman
SHA256 de um objeto: 1DBFC814CBFBA1241CD45695570319025D615F030E6C36D9E45EDA957E675834
MD5 de um objeto: FB9ABC9A143CCB1C3D084F3D6B920FDF
Motivo: Proteção na Nuvem
luciodaou
changed the title
Kaspersky identifying 5.0.2 installer as trojan
Kaspersky identifying 5.0.2 installer and main executable as trojan
Apr 25, 2024
I don't see how there is anything we can do about this, unless you can show us that this is not a false positive
Thanks for the heads-up. I had no problems reinstalling 5.0.1, so I pinned the version in scoop.
Curiously, as one of the links mentions the same issue with version 4.0.2, I'm wondering if there's something with the 0.2 subversion helping to trigger antivirus software.
Issue Description
Kaspersky Antivirus is identifying Podman 5.0.2 windows installer as containing a trojan:
If installing Podman 5.0.2 with the stand-alone installer, the installation goes well, but Kaspersky identifies podman.exe as "UDS:DangerousObject-MultiGeneric" threat:
This is similar to containers/podman-desktop#700 , but not with Podman Desktop.
Steps to reproduce the issue
Steps to reproduce the issue
scoop install podman
or install with standalone installer.Describe the results you received
Kaspersky identifies Podman installer and podman.exe as threats.
Describe the results you expected
Podman should be installed and run normally without issues.
podman info output
Podman can't be run as Kaspersky blocks it.
Podman in a container
No
Privileged Or Rootless
None
Upstream Latest Release
Yes
Additional environment details
Win11 x64
Additional information
Never had problems before with Kaspersky and Podman.
Installation of version 5.0.1 with scoop or standalone installer works fine without issue.
The text was updated successfully, but these errors were encountered: