Last exiftool 13.27 virus

Started by pbranly, April 09, 2025, 03:34:18 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

pbranly

April 09, 2025, 03:34:18 AM
Hi
I have just downloaded the last version 13.27 for 64bits
The executable is recognized with a virus by my kaspersky and destroyed
Am I the only one ?
I don't have any issue with the previous 13.26 version
Thanks a lot
Phil

FixEUser

#1
April 09, 2025, 05:47:22 AM Last Edit: April 09, 2025, 06:10:26 AM by FixEUser
I see the same wie KAS v21.20.8.505, latest pattern DB:

Name: UDS:DangerousObject.Multi.Generic
MD5 Object: 7EB91B338CAD2827034828BC524B3BF2

But virustotal.com can't find anything:
https://www.virustotal.com/gui/file/e751dd50c9b4294643ea71c855f6bb135398ea101249e8d84a99a83e908fbd68

BTW: Only the 64bit version of v13.27 seems to be "false positive" by Kaspersky.
The 32bit version works fine.

FrankB

#2
April 09, 2025, 06:43:51 AM
Windows defender has no problems with the 13.27 X64 version.

Maybe report a false positive to Kaspersky?

pbranly

#3
April 09, 2025, 07:09:01 AM
I think this is a false positive
I will wait several days before trying again
Atm, i didn't even find a way to force the file as good toward kaspersky
Within less one minute, it is removed

FixEUser

#4
April 09, 2025, 11:02:49 AM
Quote from: pbranly on April 09, 2025, 07:09:01 AMAtm, i didn't even find a way to force the file as good toward kaspersky
Actually, you need to manually add an exclusion for the entire folder \exiftool-13.27_64
KAS will no longer check this folder then.

pbranly

#5
April 09, 2025, 04:05:32 PM
Quote from: FixEUser on April 09, 2025, 11:02:49 AM
Quote from: pbranly on April 09, 2025, 07:09:01 AMAtm, i didn't even find a way to force the file as good toward kaspersky
Actually, you need to manually add an exclusion for the entire folder \exiftool-13.27_64
KAS will no longer check this folder then.

Mmmm I am not sure that is a solution
I download the zip file in the download directory
Then my antivirus destroys the exe file as soon as it is unzipped

Furthemore I dont like to unprotect a directory

I will wait either another version of exiftool, or a kaspersky release, or use the 32 bit version
Phil

Phil Harvey

#6
April 09, 2025, 04:11:07 PM
For what it's worth, I ran exiftool-13.27_64.zip through the online Kaspersky virus checker (https://opentip.kaspersky.com/) and it came up perfectly clean.

- Phil
...where DIR is the name of a directory/folder containing the images.  On Mac/Linux/PowerShell, use single quotes (') instead of double quotes (") around arguments containing a dollar sign ($).

pbranly

#7
April 10, 2025, 03:02:48 AM
Hi
Surprisingly this morning the file is not any more removed by kaspersky
I assume the kapspersky false positive was fixed
By chance it did not remove other files ......
Thank you
Phil

FixEUser

#8
April 10, 2025, 10:50:18 AM
Quote from: pbranly on April 10, 2025, 03:02:48 AM..this morning the file is not any more removed by kaspersky...
+1
After removing my exclusions, the newly downloaded 64bit-ZIP file was extracted without any problems.

My KAS version is still v21.20.8.505, so I assume a pattern update fixed it.
Print
Go Up Pages1
User actions