NextDNS agent 2.0.1 now detected as malware
I am not sure what changed but the official exe download from the site is now detected as malware. I have used the .exe for many months without issue until today. It appears that 13 AV companies are now detecting it as malware. It was automatically removed from my computer.
Update: windows smartscreen is now blocking downloads of this as well
17 replies
-
I am having the same problem. Both Windows Defender & Antivirus software are detecting it as malware. It seems the app has been recently updated and there might be some bug in it.
I am using YogaDNS software with NextDNS settings for the time being the issue is resolved.
-
A virustotal scan of the Windows exe does not look great. More than likely a large false positive. Lets hope.
-
I noticed that this has happed on my Win10 system today. Getting the following in the event logs;
Log Name: Microsoft-Windows-Windows Defender/Operational Source: Microsoft-Windows-Windows Defender Date: 3/01/2021 21:39:11 Event ID: 1116 Task Category: None Level: Warning Keywords: User: SYSTEM Computer: XXXXXXXXXXXX Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Masslogger.VN!rfn&threatid=2147767997&enterprise=0 Name: Trojan:MSIL/Masslogger.VN!rfn ID: 2147767997 Severity: Severe Category: Trojan Path: file:_C:\Program Files (x86)\NextDNS\NextDNS.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Windows\Temp\NextDNS Upgrader 2.0.1.exe Security intelligence Version: AV: 1.329.1515.0, AS: 1.329.1515.0, NIS: 1.329.1515.0 Engine Version: AM: 1.1.17700.4, NIS: 1.1.17700.4
Looks to be the latest NextDNS agent update that is the issue.
Let hope it gets sorted soon.
-
Same here with Bitdefender. Classified as: Trojan.GenericKD.35766253
-
+1 BitDefender here. is this a false positive or we are really dealing with malware??? NextDNS, please respond
-
+1 BitDefender as well. As others said, VirusTotal results also very alarming, almost as alarming as the lack of response from NextDNS
-
Well some info from VirusTotal may be the reason for this:
. Also something microsoft probably doesn't like
-
Any news on if there has been a compromise to the app? Carbon Black is flagging it now too likely because they leverage virus total, who thinks there is a problem.
-
Next DNS Could we have an official confirmation that we can run the Windows installer safely and bypass any warning from smartscreen and antivirus ... Thanks in advance ...
Content aside
- 3 yrs agoLast active
- 17Replies
- 1014Views
-
13
Following