Loading...
Before reporting a bug, try to do a clean re-install:
  1. Remove all entries of Tukui Client from Add/Remove Programs.
  2. Remove data folder for Tukui Client:
    • Open a Windows Explorer window (folder).
    • Type the following in the address bar and press Enter:

      Code: Select all

      %localappdata%
    • Find the Tukui folder and delete it.
  3. Download the latest version of the Tukui Client and install it.

AVG Detects Trojan

#11
Kytak wrote:
Sat Sep 16, 2017 3:54 pm
I uninstalled it and reinstalled again from the Tukui website. So far no warning from AVG during the installation.
I didn't get one when I installed it previously after the Tukui website rebuild. I'd have reported it otherwise.
The warnings only started appearing with very recent client initiated updates. I'll let you know what happens next time there is a Tukui Client initiated update.

History: Originally I had the Tukui Client from the previous Tukui website that got hacked, then that client got replaced by a new one from the new rebuilt Tukui website. No warnings were reported by AVG for any of those installs. IIRC there were a couple of updates to the new client in the first day or so of the new Tukui rebuilt website coming online and none of those new tukui client initiated updates caused any problems for AVG. Its only been the last 3 ( so the last week or so ??) of tukui client initiated updates that caused AVG to complain.

I have to ask what is it that you have modified in the clients source tree to introduce/remove this false positive?
There really hasn't been anything added that should of caused it to happen. My suspicion is that the client downloading an update for itself and launching the setup.exe for the new client is what the issue is. Moving forward the client will now direct you to the website to manually do an update. Hopefully this will solve the issue for a lot of people. I also made a change that registers the Tukui Client as a ClickOnce application.

ClickOnce applications are based on the .NET Framework and are subject to code access security constraints.

Basically it prevents the client from messing with system or registry files, as it doesn't anyways. My guess is that by executing the setup.exe it violates that, therefore this needs to be done manually.

AVG Detects Threat (again)

#13
Hi (me again :) ) ,

The latest update 3070 which was notified by the Tukui client to me today ( and took me to the website to download directly and requiring me to manually install from the downloaded file ) produces the error displayed in the imgurl image here: https://imgur.com/a/OZmP4 when I started the 3070 tukui client.
Image


I've made another exception but it looks like the problem has returned. The name of the threat is something called IDP.Generic

Just FYI really.

AVG Detects Threat (again)

#14
Kytak wrote:
Sat Sep 23, 2017 1:30 pm
Hi (me again :) ) ,

The latest update 3070 which was notified by the Tukui client to me today ( and took me to the website to download directly and requiring me to manually install from the downloaded file ) produces the error displayed in the imgurl image here: https://imgur.com/a/OZmP4 when I started the 3070 tukui client.
Image


I've made another exception but it looks like the problem has returned. The name of the threat is something called IDP.Generic

Just FYI really.
I am also getting it with Windows Defender.

Damon

Windows Defender Detects Trojan

#16
Blazeflack wrote:
Thu Aug 03, 2017 11:41 pm
False positive. Feel free to scan it on virustotal.com. You may want to submit the file to microsoft to get it whitelisted or simply whitelist it yourself.
I'm not convinced it is a false positive. When I updated the Client, it said I had to restart my computer, which is never normally the case, and is indicative that something deeper has been changed in the OS.

The moment I saw that, I had concerns. Then of course I tried to start the updated client, and it clearly wasn't behaving as it should.

As of right now, I'm completely removing this client from my PC. Way too many red flags, which shouldn't be ignored or casually brushed aside.

Windows Defender Detects Trojan

#17
Hi, I just got a virus warning from AVAST for version 3110, but not for version 3100 which I upgraded to earlier today. This is the first time I've seen a
warning for Tukui client. I've uninstalled the client for now just to be sure.
Just a note, when I uninstalled the client I noticed three older versions were still listed as installed (all version 3.x.x.x). I've uninstalled those also.

Windows Defender Detects Trojan

#18
@sbowesuk You should do thatever you think is best. But I assure you, it is false positives.

@SuddenlyRobots Elv did mention to us that a change he made may have fucked something up so older versions of the client would still appear in the list of installed programs. Just uninstall all of them.
ElvUI: Request Feature | Report Bug

My replies might be short sometimes due to time constraints. Nothing personal.

AVG Detects Threat (again)

#19
Kytak wrote:
Sat Sep 23, 2017 1:30 pm
Hi (me again :) ) ,

The latest update 3070 which was notified by the Tukui client to me today ( and took me to the website to download directly and requiring me to manually install from the downloaded file ) produces the error displayed in the imgurl image here: https://imgur.com/a/OZmP4 when I started the 3070 tukui client.
Image


I've made another exception but it looks like the problem has returned. The name of the threat is something called IDP.Generic

Just FYI really.
The 3010 update yesterday caused AVG to do something called a Cyberthreat assessment for 15 seconds, displaying a white panel I have never seen AVG produce before but I allowed it to go ahead and it completed the install and started up without producing any further warnings. I uninstalled it and tried it again with the same symptoms and end result.

The 3110 update today installed and started up without causing AVG to flag any warning at all.

To be sure I have run a couple of extra tools to check the overall state of the system and it comes up as clean.

All very peculiar but I'm not concerned. Thanks for your work on this :)

AVG Detects Threat (again)

#20
Kytak wrote:
Sun Sep 24, 2017 10:26 pm
Kytak wrote:
Sat Sep 23, 2017 1:30 pm
Hi (me again :) ) ,

The latest update 3070 which was notified by the Tukui client to me today ( and took me to the website to download directly and requiring me to manually install from the downloaded file ) produces the error displayed in the imgurl image here: https://imgur.com/a/OZmP4 when I started the 3070 tukui client.
Image


I've made another exception but it looks like the problem has returned. The name of the threat is something called IDP.Generic

Just FYI really.
The 3010 update yesterday caused AVG to do something called a Cyberthreat assessment for 15 seconds, displaying a white panel I have never seen AVG produce before but I allowed it to go ahead and it completed the install and started up without producing any further warnings. I uninstalled it and tried it again with the same symptoms and end result.

The 3110 update today installed and started up without causing AVG to flag any warning at all.

To be sure I have run a couple of extra tools to check the overall state of the system and it comes up as clean.

All very peculiar but I'm not concerned. Thanks for your work on this :)
Yesterday I tried to self-sign the application to see if that would fix it, could be the reason you saw that. Thank you for being patient as I work through this, I wanted to see if I could find a solution before spending hundreds of dollars on an Authenticode Certificate.

Right now I'm working under the assumption that because the .MSI installer (and the client for that matter) isn't signed from an Authenticode Certificate Authority it is causing these warnings.

Who is online

Users browsing this forum: No registered users and 1 guest