Jump to content

Bitdefender flags paint.net.5.0.7.install.x64.zip

Go to solution Solved by toe_head2001,

Recommended Posts

I downloaded paint.net.5.0.7.install.x64.zip from Github, extracted the installer, launched it, and Bitdefender instantly flagged it. Couldn't install it.


Edit: Right-clicking the file to scan with Bitdefender didn't reveal anything. It only occurs upon launch.

This is what Bitdefender is reporting:


The file C:\Users\[username]\AppData\Local\Temp\7zS40E88D5D\SetupShim.exe is infected with Gen:Variant.Tedy.388183 and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.


Edited by xordevoreaux
Link to comment
Share on other sites

For all the years I've used both Paint.net and BitDefender, this is the first time I've come across this, and with so many repositories in Github compromised, I'm keeping my current installation of Paint.net and turning off automatic updates. I'll see how things are with the next announced update.

Link to comment
Share on other sites

Many antivirus programs will sometimes have false-positives until they learn that the new version is not a virus. Quite often because the installer is doing "suspicious" things such as requiring elevated privilege and having a bunch of compressed files within it (via 7-zip/LZMA compression). In other words, it's not detecting a specific virus -- it's using a heuristic to detect things that might be from a virus. And those things happen to align with what a legitimate application installer will often be doing as well.


I scanned it multiple times with Windows Defender, which did not pick up any virus or malware.


This will likely go away within a day or so.

  • Upvote 3

The Paint.NET Blog: https://blog.getpaint.net/

Donations are always appreciated! https://www.getpaint.net/donate.html


Link to comment
Share on other sites

My virus protection also detects a virus of the type beast (Trojan) in the installation software paint.net.5.0.7.install.x64.zip. The detected infection is quarantined and installation is denied. I take the alert seriously because in over 10 years of using paint.net I have never had an update virus alert before. (Translated from German with Google translator)

Link to comment
Share on other sites

Okay, I've now relied on admin Rick Brewster's statement because my antivirus was also alerting by behavior and not a specific virus. The supposedly detected Trojan of the type "beast" is not exactly defined. I downloaded the offline installation file to bypass the installation lock from my antivirus program. Then I blocked internet access and turned off the virus monitor. The paint.net installation routine that was then started ran normally. After that, paint.net also started normally. A subsequent full virus scan of the computer yielded nothing.


Thanks very much.


(Translated from German with Google translator)

Edited by MC Painter
  • Like 2
Link to comment
Share on other sites

  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...