Bug report #21600
PDM:Trojan.Win32.Generic in qgis-bin.exe & qgis-bin-g7.exe by Kaspersky Endpoint Security 10 For Windows
|Affected QGIS version:||3.4.4||Regression?:||No|
|Operating System:||Windows 7 64bit||Easy fix?:||No|
|Pull Request or Patch supplied:||No||Resolution:||invalid|
|Crashes QGIS or corrupts data:||Yes||Copied to github as #:||29416|
Using Python plugin included. Work of plugin is walking directory tree contains hundreds of *.qgis project, read each project found and export few selected vector layers datas into GeoJson files.
After processing number of *.qgis files, Kaspersky kill qgis-bin.exe (or qgis-bin-g7.exe) process and move file into quarantine due to identify PDM:Trojan.Win32.generic.
Number of processed projects before kill by Kaspersky is different every run. Sometime it's about 30 another time more than 100.
I've confirmed this behaviour for 3.4.4-1 Madeira and 3.6.0 Noosa.
#2 Updated by Michał Klawon over 2 years ago
Direct scan by AV Kasperski did not found any infections in qGis files. Looks like heuristic AV scanner stops *.exe because actions taken by plugin seems like try to data theft...
Issue to close, this isn't qGis fault.
Maybe leave as info for other users using qGis together with AV software :-)