Solved: Problem is the object

Amartya_M_ · ‎01-18-2016

I have downloaded "xdk_web_win_master_2807" once installed my kasperskey showing a report of trojan virus

Detected object (file) was moved to Quarantine. "..\AppData\Local\Intel\XDK\xdk\node_modules\ref\build\Debug\binding.node" Application: Intel® Software Setup Assistant "..\AppData\Local\Intel\XDK\xdk\node_modules\ref\build\Debug\binding.node" Object name: Trojan-Spy.Win32.Agent.czwy, its crazy, KSN reputation is good for the installer, but how can intel site do not check for this??

PaulF_IntelCorp · ‎01-21-2016

This issue has been resolved. Please download the hotfix (v2893) from http://xdk.intel.com and see this post for more details > https://software.intel.com/en-us/forums/intel-xdk/topic/607280

View solution in original post

Marcio_G_ · ‎01-18-2016

Also I had the same problem!

Shaun_W_ · ‎01-18-2016

I have the same problem... also using Kaspersky. Has anyone tried installing with a different AV? I wonder if this is a false-positive.

Brian_C_4 · ‎01-18-2016

Same issue with kaspersky deleting binding.node -

Stephen_H_2 · ‎01-19-2016

I had this problem also, Kaspersky + binding.node. I have had this version of XDK installed since mid Dec but only showed up on scans yesterday. Is this really a virus? Is Intel going to respond? This could be a tad embarrassing for them. There must be thousand upon thousands of devs using XDK and some in a corporate settings also.

Amartya_M_ · ‎01-19-2016

Problem is the object identified is kind of a Trojan, even if its a false positive (if it is!!) I need to respect my anti virus.

In that case intel should have notified the same.

Thanks for your comments guys

PaulF_IntelCorp · ‎01-19-2016

This is due to a virus that was introduced on top of node-webkit, so that all node-webkit apps are now marked as a virus, which is not the case. We have asked the virus vendors to fix this. The false alarm is due to the introduction of this virus > http://news.softpedia.com/news/ransom32-is-a-javascript-based-ransomware-that-uses-node-js-to-infect-users-498342.shtml

Amartya_M_ · ‎01-19-2016

Paul,
Thanks for the reply, but what you said sounds contradictory.

1. If it's a false alarm then there could have been a notification with explanation and an active approach to fix it

2. The link you have sent its in did confirming it's serious Ransomware type. So AV's are right to make a detection

3. I have downloaded the exe from intel site maintenance & security team should be more proactive and concerned about this
Intel is a name we trust otherwise we wouldn't bothered to download an IDE which need higher privileges than other normal download.and
can affect millions of computer

there should be an clear official acknowledgment.

Thanks

PaulF_IntelCorp · ‎01-19-2016

@Amartya, this is a brand new event, we are working to resolve it, we do not have a way to change the false detection, that can only be changed by the virus vendors.

Swati_S_Intel1 · ‎01-19-2016

Just a little correction: We are trying to resolve this, the false detection can only be changed by the anti-virus vendor.

PaulF_IntelCorp · ‎01-20-2016

For those who are having trouble with anti-virus software preventing them from downloading or running the XDK, try downloading the EA version. Our tests indicate that it is NOT being rejected by the anti-virus vendors. For more details and download info regarding the EA release see this post: https://software.intel.com/en-us/forums/intel-xdk/topic/606746 and the links within it.

PaulF_IntelCorp · ‎01-21-2016

This issue has been resolved. Please download the hotfix (v2893) from http://xdk.intel.com and see this post for more details > https://software.intel.com/en-us/forums/intel-xdk/topic/607280

[RESOLVED] XDK installer downloaded from intel site showing trojan Virus