Kaspersky flags unpack200.exe as a trojan

Kaspersky flags unpack200.exe in RubyMine, Pycharm Pro, and Webstorm as a trojan: (Trojan.Win32.Cometer.ib)

5 comments
Comment actions Permalink

Probably because it contains packer code that is utilized by cometer.ib for the purpose of obfuscation.  You can make a scan exclusion rule in Kaspersky, just make it the absolute path to the unpack200.exe file. You could also do it to the entire folder if you wanted, but, I'm a paranoid individual & don't like broad rules like that enabled.

0
Comment actions Permalink

Kaspersky just deletet my unpack200.exe. How can I restore it?

.:EDIT:.

Kaspersky let me to restore the file from quarantine.

0
Comment actions Permalink

As you've found it you can restore it multiple ways, another way is by the 'backup' tab; if that is a setting box you have ticked off (ie make a backup before deletion)

0
Comment actions Permalink

What is the version of RubyMine used?

0
Comment actions Permalink

I'm not at home now so I can't get the specific version but all three applications are at the current stable versions.

0

Please sign in to leave a comment.