Kaspersky removes odrive

Kaspersky 20.0.14.1085 (I)

Removed malware PDM:Exploit.Win32.Generic.nblk Application name: C:\Users\ep11424.odrive\bin\6709\odriveapp.exe Application path: c:\users\ep11424.odrive\bin\6709\odriveapp.exe Time: 9/23/2020 8:56 AM
23.09.2020 08.55.53 Terminated malware PDM:Exploit.Win32.Generic.nblk Application name: C:\Users\ep11424.odrive\bin\6709\odriveapp.exe Application path: C:\Users\ep11424.odrive\bin\6709\odriveapp.exe Time: 9/23/2020 8:55 AM
23.09.2020 08.55.53 Detected malware PDM:Exploit.Win32.Generic.nblk Application name: C:\Users\ep11424.odrive\bin\6709\odriveapp.exe Application path: c:\users\ep11424.odrive\bin\6709\odriveapp.exe Time: 9/23/2020 8:55 AM
23.09.2020 08.55.53 Blocked malware PDM:Exploit.Win32.Generic Application name: C:\Users\ep11424.odrive\bin\6709\odriveapp.exe Application path: c:\users\ep11424.odrive\bin\6709\odriveapp.exe Time: 9/23/2020 8:55 AM
23.09.2020 08.55.53 Detected malware PDM:Exploit.Win32.Generic Application name: C:\Users\ep11424.odrive\bin\6709\odriveapp.exe Application path: c:\users\ep11424.odrive\bin\6709\odriveapp.exe Time: 9/23/2020 8:55 AM
23.09.2020 08.55.37 Update of databases and application modules Completed. Average download speed:: 80.20 KB/s Status:: Completed. Downloaded and updated:: 966.23 KB Total duration: 40 seconds Time: 9/23/2020 8:55 AM

Hi @epekarik,
Sorry about this.

I am trying to work with Kaspersky to stop these recent false positives. It is pretty strange since it seems to be entirely random. Our most recent version, 6714, does not get flagged by them. 6709 is flagged by them now, but it wasn’t when we released 4 days ago…

Here is the VirusTotal scan for 6714: https://www.virustotal.com/gui/file/1af710cbcdbdccef81d2b1dc1ce2cec1f6c40af239598ae92a649aa21069b6d6/detection

In any case, I can assure you that we do not have a “Exploit.Win32.Generic”, whatever that may be.

Can you try installing our latest version from here? https://www.odrive.com/downloaddesktop?platform=win

Tony,

As you requested, I installed 6714. So far it didn’t trigger Karpersky
thank you for your help
Endre

1 Like

Sorry just got the message that Kaspersky removed 6714

Hi @epekarik,
Thanks for informing me. Here is what Kaspersky is asking for for further troubleshooting on this. When you get a chance, do you think would be able to provide this information?

  • Specify the OS and Kaspersky product version where the detection is present
  • Send the screenshots showing both the filename and the verdict.
  • Send the trace log of the product. Here are the instructions for how to obtain trace logs https://support.kaspersky.com/common/diagnostics/12797

Hopefully we can get this lifted ASAP.

Hi @epekarik,
Just let me know if you’ll be able to send me the info above. I am attempting to get enrolled in their white-list program, as well.

Tony,
MS Win 10 Pro 10.0.18363 Build 18363
Kaspersky 20.0.14.1085 (I)

Attached screenshots

  • URL warning during download
  • kaspersky cleanup

where do I send the kaspersky trace files?

Thanks @epekarik!

You can send the trace to me privately. Just click on my name and then click on “Message”

Tony,
the log file is zipped, still 132M upload rejects it due to size any other idea how to send it to you?

Hi @epekarik,
Wow, I didn’t expect the traces to be that large. Can you upload using the odrive webclient and then create a shared link to it?

Sorry for the hassle.

Tony, did you get the log? Is it usable?

Hi @epekarik,
My apologies. I didn’t see you message yesterday. I followed-up in the direct message. Can you take a look when you get a chance?