So, I tried to install Lidarr on my Windows machine via the exe on the website, but my antivirus flagged it immediately. I am sure I could just work around this by disabling the antivirus for a bit or by composing it manually, but for all I know maybe someone inserted some malicious code. Is this an issue y’all have noticed? How can I tell if this is actually malicious?

  • violetrage@slrpnk.net
    2 days ago

    See if the developers publish hashes of their executables (something like sha1/256, md5…). Then you can take the hash of your executable, and if they are the same, you should have gotten the exact same file. This does of course not help if the place you get the hashes from is also compromised.
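
The hash comparison suggested in the comment above, as an added example that is not part of the original post: it parses a `sha256sum`-style checksum listing, hashes the downloaded file in chunks, and reports whether the file matches, differs, or is not listed at all. The file names and the listing are constructed for the demonstration; it assumes the publisher provides such a listing, which you would fetch from a source you trust.

```python
import hashlib
import hmac
import re
import tempfile
from pathlib import Path

# sha256sum-style line: "<64 hex>  <name>" (text mode) or "<64 hex> *<name>" (binary mode)
_LINE = re.compile(r"^([0-9a-fA-F]{64})\s+\*?(.+?)\s*$")

def parse_checksums(text):
    """Return {filename: lowercase sha256 hex} from a sha256sum-style listing."""
    table = {}
    for line in text.splitlines():
        m = _LINE.match(line)
        if m:  # skip blank lines, comments and anything malformed
            table[m.group(2)] = m.group(1).lower()
    return table

def sha256_of(path, chunk_size=1 << 20):
    """Hash the file in chunks so a large installer is never read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify(path, checksum_text):
    """Return 'match', 'mismatch' or 'not-listed' for the file at path."""
    expected = parse_checksums(checksum_text).get(Path(path).name)
    if expected is None:
        return "not-listed"  # no published hash for this name: nothing was verified
    return "match" if hmac.compare_digest(sha256_of(path), expected) else "mismatch"

def demo():
    """Constructed sample: a stand-in 'installer' and a checksum listing for it."""
    with tempfile.TemporaryDirectory() as d:
        exe = Path(d) / "installer-example.exe"  # hypothetical file name
        exe.write_bytes(b"constructed installer bytes")
        listing = f"{sha256_of(exe)} *{exe.name}\n"  # stands in for the published list
        ok = verify(exe, listing)
        exe.write_bytes(b"constructed installer bytes, altered")
        tampered = verify(exe, listing)
        other = Path(d) / "other.exe"
        other.write_bytes(b"x")
        unlisted = verify(other, listing)
    return ok, tampered, unlisted

if __name__ == "__main__":
    print(demo())
```

A `not-listed` result is kept separate from `mismatch` because it means no comparison took place, which is different from a failed one.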

  • Faceman🇦🇺@discuss.tchncs.de
    2 days ago

    Some of the more aggressive antivirus software will flag anything related to piracy.

    If you are certain it was the official Lidarr and is safe, you can add it to a whitelist so it is ignored.

  • Artwork@lemmy.world
    3 days ago

    Wonderful day!

    Depending on the anti-malware, it may be either a known signature or heuristics.
    - In case of the former, the signature may be just a single use of a function inside the safe program that matches a malware that uses the same (e.g., in a thread or memory range the anti-malware probed);
    - Heuristics - may just be too restrictive local security settings;

    Yet, if you don’t have enough time to investigate it locally in isolated environments such as virtual machines/containers, debugging syscalls and activities in file-system, memory, network etc., there are less manual, or outsourced, options, including the commonly known ones:
    - https://opentip.kaspersky.com/
    - https://opentip.kaspersky.com/requests
    - https://virustotal.com/gui/
    - https://any.run/

    Please stay safe!

    • m4a@lemmy.dbzer0.comOP
      2 days ago

      Thanks for the diagnostic tools! According to the tools, the software is probably safe, so I guess I’m gonna be trying disabling the antivirus while I install and hoping that avoids the problem. I’ll keep those tools bookmarked for future use.

      I personally find it funny that when I ran it through VirusTotal, there were only four antivirus vendors that marked it as malware, and the only two I have ever used were among them. It feels nice seeing my antiviruses being as paranoid as I think an antivirus should be.