Trojan detected for Ventoy2Disk.exe #31
Comments
I second this.

Same goes for Sophos Endpoint Protection

The detections on VirusTotal are up to 19. I ran the app in Windows Sandbox and didn't see anything wrong, but the detection rate is concerning for people who care to look.

Same for Bitdefender. Says it found Trojan.GenericKD.33781261 in the zip file.

@ventoy can you please have a look at this?

Currently I have no idea about this. Any suggestions?

There has to be some kind of behavior in the code that the AVs don't like to see. Either that or you have used source code that was used previously in some kind of malware. That's my best guess.

Hi,

@ventoy I dug into support channels. Here is a list, you could submit reports to be whitelisted! I picked all false positive vendors from VirusTotal.
EDIT1: I removed the false positives reported by older VT submissions

Hi, what about for Windows Defender?

Acronis claims it modifies the Master Boot Record. Of which disk, Acronis is yet to say. However, Acronis is kind enough to bug out for 30 minutes before finally blocking it. Edit: Then Acronis actually failed to block it. Better look up my build number before I post on their forums...

yeah the behavior is not using DLL injection to get past AV. lmao

Windows Defender found and kicked the Ventoy.exe, pointing out Trojan:Win32/Phonzy.C!ml. Ver.1.0.58



When extracting on Windows, the Ventoy2Disk.exe is getting flagged and deleted by McAfee.
Is this a false positive?
I have also checked on VirusTotal and attached a screenshot.