Subtitleedit: Virus found in SubtitleEdit-3.5.2-Setup.zip?

Created on 6 Mar 2017  路  11Comments  路  Source: SubtitleEdit/subtitleedit

Wenn downloading SubtitleEdit-3.5.2-Setup.zip Windows Defender on Windows 10 detects "TrojanSpy:Win32/Skeeyah.A!rfn" in the file SubtitleEdit-3.5.2-Setup.exe. I don't know if this is a false alarm, but I don't want to try ;-)

All 11 comments

False positive, got this from ms: Detection will be removed with signature build 1.237.706.0 or later.

Also check https://github.com/SubtitleEdit/subtitleedit/issues/2266

Ah, I've only reported the "SubtitleEdit.exe" as a false positive, not the installer which also seems to annoy anti virus programs. Lets see in a few days.

I love Subtitle Edit since 3.4.1 version 2014 so is very sad to tell that by the very first time MS Essentials Security gave alert for "TrojanSpy:Win32/Skeeyah.A!rfn" right after 3.5.2 has been installed.
Detection locals:

I don鈥檛 know if was either positive or false alert but despite logged as adm with high level privileges this alert immediately caused annoying things as like:

  • Block access to all folders and hard disks with shortcuts placed in desktop;

    • Turns on UAC and set it to high;

    • Auto change SECPOL to revoke user permissions for backup and restore tasks and by here also has blocked all my robocopy BAT scripts.

I hope it turns out to be a false positive alert and that Microsoft be kind enough to quickly turn off such crap automatic actions for this alert in so useful software always clean since 2014.

MS has fixed it for SubtitleEdit.exe - see https://www.virustotal.com/en/file/88ad0af7dfe1483125c31ec29cd11fc4d3ad0ea6576b603fe65cf71bd72d28a5/analysis/

I've not reported the installer yet...

SubtitleEdit.exe is down to 0 (started on about 6) infections now: https://virustotal.com/en/file/88ad0af7dfe1483125c31ec29cd11fc4d3ad0ea6576b603fe65cf71bd72d28a5/analysis/1488903041/

SubtitleEdit-3.5.2-Setup.exe is down to 3 (started on about 9!) infections now: https://virustotal.com/en/file/d75ceab99c34462d5add399aefc41bd2c28827a11212007f30d4f254aa340886/analysis/1488903102/

Thx to anyone helping with false positive reports :)

Submit false positives here: https://www.microsoft.com/en-us/security/portal/submission/submit.aspx
I did but I guess it won鈥檛 hurt if others do it too.

@5moufl: thx :)

Wenn downloading SubtitleEdit-3.5.2-Setup.zip Windows Defender on Windows 10 detects "TrojanSpy:Win32/Skeeyah.A!rfn" in the file SubtitleEdit-3.5.2-Setup.exe. I don't know if this is a false alarm, but I don't want to try ;-)

i'm same thing with this. but i used Windows 10 64Bit Os. :( so said .......
BTW: Subtitle Edit 3.5.1,Build 1 can be use in my Win10. And it's very good... THX.

Microsoft (Windows Defender) is happy now: https://virustotal.com/en/file/d75ceab99c34462d5add399aefc41bd2c28827a11212007f30d4f254aa340886/analysis/1489073730/

Only Rising is still mad... I'll check again tomorrow.

Was this page helpful?
0 / 5 - 0 ratings