Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Antivirus software reporting #3230

Closed
monkeycc opened this issue Feb 18, 2023 · 20 comments
Closed

Antivirus software reporting #3230

monkeycc opened this issue Feb 18, 2023 · 20 comments

Comments

@monkeycc
Copy link

微信截图_20230218104922

gradio\frpc_windows_amd64

https://weishi.360.cn/jisu/

https://www.360totalsecurity.com/
@abidlabs
Copy link
Member

Hmm thanks for reporting. I'm not sure if there's anything we can do here except to confirm that frpc_windows_amd64 is not a virus, it's needed to set share=True.

@ecker00
Copy link

ecker00 commented Mar 9, 2023

Also got this reported, and it's flagged by 36 of 68 vendors on VirusTotal: https://www.virustotal.com/gui/file/c9db0db0f0f41ce3fe84f92a785d4ba0ab351ee231ce9e53924a168889a525fd

What exactly is this file, and why would it be flagged?

@abidlabs
Copy link
Member

abidlabs commented Mar 9, 2023

Hi @ecker00 it's a file that allows you to create a public link for your Gradio app (when you set share=True in your launch() method)

@erhanX
Copy link

erhanX commented Mar 29, 2023

@abidlabs It is also detected by Defender and quarantined so it is not really helping on Windows unless you give instruction how to whitelist the file or get it out of the virus DBs or just don't care. ;)

@abidlabs
Copy link
Member

@erhanX can you try these steps: https://www.makeuseof.com/how-to-whitelist-files-windows-defender/?

@erhanX
Copy link

erhanX commented Mar 29, 2023

I know how to whitelist. It is not about me. I am just notifying you that any normal Windows user will have this problem. Maybe it was not detected before by Defender when the other person reported it.

Maybe make it an optional package which first gets installed when public=True is used first time and put this information there. Or leave it as it is because people who dont use it will not notice anyway.

@abidlabs
Copy link
Member

Maybe make it an optional package which first gets installed when public=True is used first time

That is the current behavior actually

and put this information there

That's a good idea, we'll do that, thanks!

@abidlabs abidlabs mentioned this issue Mar 29, 2023
Open
1 task
@binary-husky binary-husky mentioned this issue Mar 30, 2023
Closed
@Ju1-js Ju1-js mentioned this issue Mar 30, 2023
Closed
1 task
@robertbozsa
Copy link

Avast also sees this file as malware and moves it to quarantine.

File: frpc_windows_amd64_v0.2
Threats: FileRepMalware & Win64:Malware-gen
Path: C:\Users\user1\AppData\Local\Programs\Python\Python310\Lib\site-packages\gradio\frpc_windows_amd64_v0.2

Although it is moved to quarantine the application still seems to work. Is this file necessary for something?

This was installed as part of the process to setup a custom knowledgebase for ChatGPT.

https://beebom.com/how-train-ai-chatbot-custom-knowledge-base-chatgpt-api/

@xaviviro xaviviro mentioned this issue Jun 8, 2023
Closed
@gitihobo
Copy link

gitihobo commented Jun 8, 2023

Multiple anti-virus detect as riskware, anything that can be done about that? How about another script that removes any unnecessary components if you wish to make your environment completely offline?

@mijaba mijaba mentioned this issue Jun 19, 2023
Closed
1 task
@abidlabs abidlabs mentioned this issue Jul 3, 2023
Merged
@Tps-F Tps-F mentioned this issue Aug 30, 2023
Open
Closed
@ayoubachak
Copy link

Maybe make it an optional package which first gets installed when public=True is used first time

That is the current behavior actually

and put this information there

That's a good idea, we'll do that, thanks!

Can you please add a warning for corporate computers, the file singlehandedly blocked every activity in my computer ( antivirus detected it ), now it's taken for maintenance.
I'm pretty sure I won't be the only one who had this issue, I have to mention that I myself went and downloaded the file and it wasn't detected as a malware in the beginning.

@carlthome
Copy link

The enterprise security department where I work also alerted on this.

@niccokingdom
Copy link

Same here, flagged by corporate, isn't it possible to fix the file, that seems like one of the main straightforward features to be able to share apps? Thanks

@salvasisua2
Copy link

image

McAfee detect...

@Woahai321
Copy link

SentinelOne also reports this as malware.

@danmack
Copy link

danmack commented Jun 5, 2024

crowdstrike falcon also quarantines this as Adware/Malware.

@mulder1
Copy link

mulder1 commented Jun 12, 2024

Frp component is a reverse proxy written by a Chinese programmer.
It's like saying welcome to trouble if you install it on your computer. No sane corporate environment will allow that

@nucklearproject
Copy link

Same problem here 😴
image

@jblouin
Copy link

jblouin commented Aug 3, 2024

Symantec also reports this as a security issue
symantec_gradio_frpc_issue

@xarical
Copy link

xarical commented Aug 14, 2024
edited
Loading

Can I get a confirmation that "Misleading:Linux/FRP.B!MTB" is related to this issue? All I know is that I was in the process of downloading my Gradio project (that uses share=True) for archiving. Heart stopped for a sec when I got the warning from the AV (it didn't mention what triggered the warning, so I can only guess that it's what I had just downloaded) and I'm still trying to figure out whether or not I'm screwed

@cartolid
Copy link

Cytomic EPDR also reports it as PUP/generic (and deletes it).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests