Using Native Access to update Komplete Kontrol - virus detected, update did not succeed

MikaX · 2025-03-27T19:53:43+00:00

There was an error rendering this rich post.

Hi,

I just did try to update Komplete Kontrol 3.4.1 with Native Access 3.17.0 (d0b7b7b / 1.23.0.0). The update was blocked by my F-Secure virus detection tool. It reported that the update software contains Drop.Win32.WinDirControlSer.4.11011 which is a trojan dropper (seems to be a nasty animal https://www.f-secure.com/v-descs/trojan-dropper-generic.shtml).

Is this real or false positive? What do you think?

Thanks.

Regards, Mika

Find more posts tagged with

Accepted answers

MikaX

Just tested and everything works like a charm. No need to tweak F-Secure.

Thanks for everyone involved!

All comments

Unlock

Hi,

I had exactly the same issue, but on my second PC, which is running Bitdefender, it was not detected, and the update went through without any problems.

Vocalpoint

https://community.native-instruments.com/discussion/43880/using-native-access-to-update-komplete-kontrol-virus-detected-update-did-not-succeed

I think you need better AV software - or just use Defender. No virus payloads in Native Access or Komplete Kontrol - unless of course you are running some sketchy version that did not come from the NI website.

PoorFellow

https://community.native-instruments.com/discussion/43880/using-native-access-to-update-komplete-kontrol-virus-detected-update-did-not-succeed

I just did try to update Komplete Kontrol 3.4.1 with Native Access 3.17.0 (d0b7b7b / 1.23.0.0). The update was blocked by my F-Secure virus detection tool. It reported that the update software contains Drop.Win32.WinDirControlSer.4.11011 which is a trojan dropper (seems to be a nasty animal https://www.f-secure.com/v-descs/trojan-dropper-generic.shtml).

Is this real or false positive? What do you think?

I have exactly the same problem with my AV program , the Komplete Kontrol 3.4.1 triggers the AV behavior shield (Trojan-Dropper Generic , A generic detection has identified a program or file that has features or behaviors similar to a trojan-dropper) .

Of course then the likely hood that this is a false positive is high. What worries me is that apparently it is not enough to add the file to the exception list, apparently then I have to turn off the AV behavioral shield for it to install which I am not keen on doing. While this very likely is a false positive then I personally am going to wait upgrading.

Annoyingly then the file is too big to be submitted for analysis at f-secure .

Mert_NI

https://community.native-instruments.com/discussion/43880/using-native-access-to-update-komplete-kontrol-virus-detected-update-did-not-succeed

Hello MikaX, It is most likely a false positive since other av software does not report any virus.

To get it properly whitelisted, I sahred this request with the related team so they can confirm that. I will let you know about the result as soon as possible.

I hope this helps☺️

MikaX

https://community.native-instruments.com/discussion/comment/219308#Comment_219308

Hi Mert, thanks for your reply. Just a short note: Also Unlock wrote in this thread about Bitdefernder AV reporting the same finding.

atoenne

If you are using the current Windows version/updates, the general advice is to avoid additional AV software in the first place. They open up more holes to gain the necessary low level access than giving any benefit over the internal Windows defense.

The vendors tell you a different story of course 😏

I am enterprise architect in a large bank btw.

MikaX

https://community.native-instruments.com/discussion/comment/219308#Comment_219308

Hi Mert, thanks for your reply. Just a short note: Also Unlock wrote in this thread about Bitdefernder AV reporting the same finding.

And atoenne, I will consider what you proposed. Thanks for your comment.

PoorFellow

https://community.native-instruments.com/discussion/comment/219308#Comment_219308

Whatever N.I. have done to alleviate that AV trigger problem then it appears as not working at all , problem just expanded to include the Kontakt 8.30 installer also :

Antivrus powered by F-Secure

Mert_NI

https://community.native-instruments.com/discussion/comment/223317#Comment_223317

Hello PoorFellow, thank you for letting me know about this, I'm immediately sending this post to our technical team so they can check this situation as soon as possible.

virttop

https://community.native-instruments.com/discussion/comment/223353#Comment_223353

Yes please fix this asap and let us know when it has been fixed!

Migu11

I also get the same virus message when I try to update komplete control with native access. I also have F-secure virus software. Has this issue been resolved ?

Vocalpoint

https://community.native-instruments.com/discussion/comment/225054#Comment_225054

This is an issue for F-Secure to resolve.

It’s their (and apparently only their) false positive - kicking this message.

PoorFellow

https://community.native-instruments.com/discussion/comment/225054#Comment_225054

Has this issue been resolved ?

Apparently not.

Hopefully then N.I. and F-Secure will have this solved. But it should not hurt if you contact F-Secure support also and ask them to fix the problem. And if you do then also tell them that the Komplete Kontrol 3.4.1 installer file is too big for it to be submitted for analysis in their in-program submit false-positive for analysis .

Ajatelma

The reason is F-Secure antivirus which prevents the installation of some C++ files in the Windows system directory. This stops the installation without an error message at the initial stage.

It does not help even if I allow the installation of the "Komplete Kontrol 3.4.1 Setup PC.exe" file in the F-Secure program, because the blocked program is placed in the user's tmp directory during the installation process, which seems to be different every time - so I cannot create a separate antivirus rule for it to detect it.

The solution is to completely remove the F-Secure real-time antivirus from the computer for 5 minutes during the installation process. This is scary, but it allowed the Komplete Kontrol program to be installed.

Previously, in situations like this, it has been enough to make an exception in the F-Secure program that allows a specific program or directory, leaving it unchecked. I have never had to remove the protection of the entire computer when installing any other program.

I would also like to mention that it is scary to download a program from a Google Drive folder, I would like the programs to be downloaded from official sources whose URL address is the manufacturer's official domain address. This is doubly scary.

virttop

I just tried reinstalling Komplete Kontrol with native access and this time it worked. Guess F-secure pushed an update. Would be great if someone else could verify this as well

Quick links

Unanswered questions