dynobo/normcap

Potential Trojan Detected in NormCap.exe (Gen:Variant.Barys.459118) for Windows

Closed this issue · 2 comments

Hello,

I recently downloaded the Windows version of NormCap from the release page (version 0.5.6, NormCap-0.5.6-x86_64-Windows.msi) and after installation, a scan of C:\Program Files\NormCap\NormCap.exe flagged the executable as containing a Trojan (Gen:Variant.Barys.459118).

Here is the VirusTotal report for reference.

Could you please investigate this issue to ensure the safety of the file and provide any necessary updates or clarifications?

Hi @ahmedatef1610, thanks for reporting!

Potential false positives on Windows are a known open issue of briefcase, the tool used to package NormCap for Windows, MacOS and Linux (AppImage). I think this might be one of those cases. The relatively low score of 12 out of 72 might also hint in that direction.
EDIT: the issue talks about false positives during build, which is something different. I still think it is a false positive, as the .exe generated by briefcase is a fairly generic stub which just launches the Python binary and NormCap. No idea how to prove it, though...

Does anyone know what to do in such a case?

PS: For anyone worried in the meantime, I recommend checking NormCap's source code and installing the Python package directly.

I reported it as a false positive to Bitdefender, one of the AVs showing alerts. Let's see what happens.
(Now, the TotalVirus report shows only 9 of 73? What happened to the other 3?)