Using Native Access to update Komplete Kontrol - virus detected, update did not succeed
Hi,
I just did try to update Komplete Kontrol 3.4.1 with Native Access 3.17.0 (d0b7b7b / 1.23.0.0). The update was blocked by my F-Secure virus detection tool. It reported that the update software contains Drop.Win32.WinDirControlSer.4.11011 which is a trojan dropper (seems to be a nasty animal https://www.f-secure.com/v-descs/trojan-dropper-generic.shtml).
Is this real or false positive? What do you think?
Thanks.
Regards, Mika
Best Answer
-
Just tested and everything works like a charm. No need to tweak F-Secure.
Thanks for everyone involved!
1
Answers
-
Hi,
I had exactly the same issue, but on my second PC, which is running Bitdefender, it was not detected, and the update went through without any problems.
0 -
I think you need better AV software - or just use Defender. No virus payloads in Native Access or Komplete Kontrol - unless of course you are running some sketchy version that did not come from the NI website.
VP
1 -
I just did try to update Komplete Kontrol 3.4.1 with Native Access 3.17.0 (d0b7b7b / 1.23.0.0). The update was blocked by my F-Secure virus detection tool. It reported that the update software contains Drop.Win32.WinDirControlSer.4.11011 which is a trojan dropper (seems to be a nasty animal https://www.f-secure.com/v-descs/trojan-dropper-generic.shtml).
Is this real or false positive? What do you think?
I have exactly the same problem with my AV program , the Komplete Kontrol 3.4.1 triggers the AV behavior shield (Trojan-Dropper Generic , A generic detection has identified a program or file that has features or behaviors similar to a trojan-dropper) .
Of course then the likely hood that this is a false positive is high. What worries me is that apparently it is not enough to add the file to the exception list, apparently then I have to turn off the AV behavioral shield for it to install which I am not keen on doing. While this very likely is a false positive then I personally am going to wait upgrading.
Annoyingly then the file is too big to be submitted for analysis at f-secure .
1 -
Hello MikaX, It is most likely a false positive since other av software does not report any virus.
To get it properly whitelisted, I sahred this request with the related team so they can confirm that. I will let you know about the result as soon as possible.
I hope this helps☺️
1 -
Hi Mert, thanks for your reply. Just a short note: Also Unlock wrote in this thread about Bitdefernder AV reporting the same finding.
1 -
If you are using the current Windows version/updates, the general advice is to avoid additional AV software in the first place. They open up more holes to gain the necessary low level access than giving any benefit over the internal Windows defense.
The vendors tell you a different story of course 😏
I am enterprise architect in a large bank btw.
0 -
Hi Mert, thanks for your reply. Just a short note: Also Unlock wrote in this thread about Bitdefernder AV reporting the same finding.
And atoenne, I will consider what you proposed. Thanks for your comment.
1 -
Whatever N.I. have done to alleviate that AV trigger problem then it appears as not working at all , problem just expanded to include the Kontakt 8.30 installer also :
Antivrus powered by F-Secure
1 -
Hello PoorFellow, thank you for letting me know about this, I'm immediately sending this post to our technical team so they can check this situation as soon as possible.
3 -
Yes please fix this asap and let us know when it has been fixed!
1 -
I also get the same virus message when I try to update komplete control with native access. I also have F-secure virus software. Has this issue been resolved ?
0 -
This is an issue for F-Secure to resolve.
It’s their (and apparently only their) false positive - kicking this message.
VP
0 -
Has this issue been resolved ?
Apparently not.
Hopefully then N.I. and F-Secure will have this solved. But it should not hurt if you contact F-Secure support also and ask them to fix the problem. And if you do then also tell them that the Komplete Kontrol 3.4.1 installer file is too big for it to be submitted for analysis in their in-program submit false-positive for analysis .
0 -
The reason is F-Secure antivirus which prevents the installation of some C++ files in the Windows system directory. This stops the installation without an error message at the initial stage.
It does not help even if I allow the installation of the "Komplete Kontrol 3.4.1 Setup PC.exe" file in the F-Secure program, because the blocked program is placed in the user's tmp directory during the installation process, which seems to be different every time - so I cannot create a separate antivirus rule for it to detect it.
The solution is to completely remove the F-Secure real-time antivirus from the computer for 5 minutes during the installation process. This is scary, but it allowed the Komplete Kontrol program to be installed.
Previously, in situations like this, it has been enough to make an exception in the F-Secure program that allows a specific program or directory, leaving it unchecked. I have never had to remove the protection of the entire computer when installing any other program.
I would also like to mention that it is scary to download a program from a Google Drive folder, I would like the programs to be downloaded from official sources whose URL address is the manufacturer's official domain address. This is doubly scary.
0 -
I just tried reinstalling Komplete Kontrol with native access and this time it worked. Guess F-secure pushed an update. Would be great if someone else could verify this as well
1
Categories
- All Categories
- 18 Welcome
- 1.7K Hangout
- 67 NI News
- 894 Tech Talks
- 4.6K Native Access
- 17.8K Komplete
- 2.2K Komplete General
- 4.8K Komplete Kontrol
- 6.3K Kontakt
- 1.1K Reaktor
- 407 Battery 4
- 917 Guitar Rig & FX
- 465 Massive X & Synths
- 1.5K Other Software & Hardware
- 6.4K Maschine
- 8.2K Traktor
- 8.2K Traktor Software & Hardware
- Check out everything you can do
- Create an account
- See member benefits
- Answer questions
- Ask the community
- See product news
- Connect with creators