NextDNS 2.0.3 detected by Kaspersky

BigDargon
3 yrs ago
5replies

Today, the NextDNS application automatically updated to version 2.0.3. But was detected by Kaspersky as Trojan-PSW, so it was blocked and deleted.

Event: Malicious object detected
User: COMPAQ-CQ45\Jerry
User type: Active user
Application name: NextDNSService.exe
Application path: C:\Program Files (x86)\NextDNS
Component: File Anti-Virus
Result description: Detected
Type: Trojan
Name: UDS:Trojan-PSW.Win32.Mimikatz.ekv
Precision: Exactly
Threat level: High
Object type: File
Object name: NextDNS Upgrader 2.0.3.exe
Object path: C:\Windows\Temp
MD5: 44657C3CFD8A4CC8DD1B0E8AF008002F
Reason: Cloud Protection

Event: Malicious object detected
User: COMPAQ-CQ45\Jerry
User type: Active user
Application name: NextDNSService.exe
Application path: C:\Program Files (x86)\NextDNS
Component: File Anti-Virus
Result description: Detected
Type: Trojan
Name: UDS:Trojan-PSW.Win32.Mimikatz
Precision: Exactly
Threat level: High
Object type: File
Object name: NextDNSService.exe
Object path: C:\Windows\Temp\NextDNS Upgrader 2.0.3.exe//
MD5: 50D6D76C0BD3EB2985D9D8C040E812E9
Reason: Cloud Protection

When I download the 2.0.3 installation, it's still detected by Kasperksy

Event: Malicious object detected
User: COMPAQ-CQ45\Jerry
User type: Active user
Application name: explorer.exe
Application path: C:\Windows
Component: File Anti-Virus
Result description: Detected
Type: Trojan
Name: UDS:Trojan-PSW.Win32.Mimikatz.ekv
Precision: Exactly
Threat level: High
Object type: File
Object name: NextDNSSetup-2.0.3.exe
Object path: D:\Users\Downloads\Programs
MD5: 44657C3CFD8A4CC8DD1B0E8AF008002F
Reason: Cloud Protection

Event: Malicious object detected
User: COMPAQ-CQ45\Jerry
User type: Active user
Application name: explorer.exe
Application path: C:\Windows
Component: File Anti-Virus
Result description: Detected
Type: Trojan
Name: UDS:Trojan-PSW.Win32.Mimikatz
Precision: Exactly
Threat level: High
Object type: File
Object name: NextDNSService.exe
Object path: D:\Users\Downloads\Programs\NextDNSSetup-2.0.3.exe//
MD5: 50D6D76C0BD3EB2985D9D8C040E812E9
Reason: Cloud Protection

Please check and fix it! Thank you!

- NextDNs
- 3 yrs ago
- Reported - view
This happens every time we release a new version of the Windows app. It is signed with an EV certificate and nothing major has changed in this revision, but still, those anti-viruses AI keep reporting it as a trojan. This is obviously a false positive. It will solve by itself as people report it as such, until the next revision…
- BigDargon
  
  3 yrs ago
  
  Reported - view
  NextDNS I reported this issue to Kaspersky and they fixed it! I installed the new update normally. Thank you!
- Matheo
  
  3 yrs ago
  
  Reported - view
  NextDNS Same for Windows Defender, NextDNS app is detected as Trojan. Thanks for you comforting message :)
- BigDargon
  
  3 yrs ago
  
  Reported - view
  Mathéo Maybe fixed https://www.virustotal.com/gui/file/b0b7a1408329bc3b64e56f05e71be05a4042b3e71ae271cb137d3eef0af3f7e2/detection
- mssfxwas
- 3 yrs ago
- Reported - view
I contacted microsoft and they said they removed the detection

Content aside

2 Likes
3 yrs agoLast active
5Replies
185Views
4 Following

NextDNS 2.0.3 detected by Kaspersky

5 replies

Content aside

Home

Tags