Post Reply 
Antivirus Flagging Sleepyhead as Trojan
Author Message
AlanE Offline

Advisory Members

Posts: 1,496
Joined: Mar 2015

Machine: ResMed AirSense 10 Autoset
Mask Type: Nasal pillows
Mask Make & Model: P10 & Mirage Liberty backup
Humidifier: Built-in
CPAP Pressure: 10-14
CPAP Software: ResScan SleepyHead

Other Comments: ʕ•ᴥ•ʔ So Long, and Thanks for All the Fish

Sex: Male
Location: Southwest Florida

Post: #1
Exclaimation Antivirus Flagging Sleepyhead as Trojan
It seems that some Antivirus software, Kaspersky for example, flags the Sleepyhead installer as a Trojan.MSIL.CoinStealer.gk. This is a false positive.

I have scanned both installers, Singapore and Sleepfiles. Neither is flagged with MSSE (Win 7) or Bitdefender (Win 10). Mark has submitted a sample to Kaspersky for exclusion. Hopefully it will be included in a future definition update.

For now, if you have AV such as Kaspersky, you can temporarily disable it to install SleepyHead. It is not a trojan.



Using FlashAir W-03 SD card in machine. Access through wifi with FlashPAP or Sleep Master utilities.

I wanted to learn Binary so I enrolled in Binary 101. I seemed to have missed the first four courses. Big Grinnie
04-28-2016 08:02 AM
Find all posts by this user Post Reply Quote this message in a reply

Donate to Apnea Board
Sleeprider Online
Wiki Editor
Advisory Members

Posts: 3,361
Joined: Dec 2014

Machine: Resmed Aircurve 10 Vauto
Mask Type: Nasal pillows
Mask Make & Model: Resmed Airfit P10
Humidifier: Resmed Climateline
CPAP Pressure: Auto Bilevel 18/9, PS 3
CPAP Software: ResScan SleepyHead EncoreBasic

Other Comments:

Sex: Male
Location: Where they make Respironics

Post: #2
RE: Antivirus Flagging Sleepyhead as Trojan
I saw this in Mark's Facebook post. If anyone installing Sleepyhead is having issues with their anti-virus throwing warnings, he wants to know information about the anti-virus program name and warning that it is giving. Here are Mark's comments:

Quote:Has anyone else had the SleepyHead installer flagged by any anti-virus software on Windows?

I've had a (single) report Kaspersky's (2016) heuristic engine is flagging the .exe installer package as crapware... this is most likely a false positive because of the Qt Installer Frameworks being binary packed, and heuristic scanners don't like that.

So far, myself or anyone else who tested this today for me has been able to replicate this, but this kinda stuff always gets me more than a little on edge.

More than likely it's just a hypersensitive scanner, or perhaps this guys computer is compromised, and that's why it's flagging it on him, but I just want to make sure Qt installer framework isn't causing unnecessary ugliness that breaks anti-virus/malware
unsure emoticon

Qt Installer Framework is safe, it's a legitimate part of the Qt project that SleepyHead is built on top of.

My windows box is kept up to date and protected, and only used for SleepyHead testing and builds, and there is no way in heck I'd let any form of crapware get in. (I'd never live it down!)

My server is kept secure and up to date.. I can verify the SHA1 sums shown on sleepyhead.jedimark.net still matches the hosted files, as well as what the local copy I built and uploaded from here.

Anyway, if you've had to shut your AV software up to install SleepyHead, please let me know.

______________________________________________
Organize your SleepyHead Data
Post your SleepyHead Data from Imgur
Robysue's Beginner's Guide to Sleepyhead
04-28-2016 09:00 AM
Find all posts by this user Post Reply Quote this message in a reply
mdmarmd Offline

Members

Posts: 4
Joined: Dec 2013

Machine: Resmed AirSense 10
Mask Type: Nasal pillows
Mask Make & Model: Resmed AirFit P10
Humidifier: for the AirSense 10
CPAP Pressure: 13
CPAP Software: ResScan SleepyHead

Other Comments:

Sex: Male
Location:

Post: #3
RE: Antivirus Flagging Sleepyhead as Trojan
I have been trying to download the installation file from your site and Norton Security is quarantining it and deleting it before I can even see the file in my downloads. It says it is a Trojan.Gen.2 and is high risk

Doug


Attached File(s) Thumbnail(s)
   
05-21-2016 12:23 AM
Find all posts by this user Post Reply Quote this message in a reply

Donate to Apnea Board
holden4th Offline

Advisory Members

Posts: 239
Joined: Dec 2015

Machine: PR System One REMStar 60 Series Auto with Bluetooth
Mask Type: Nasal mask
Mask Make & Model: Respironics Dreamwear
Humidifier: Remstar Heated Humidifier
CPAP Pressure: 11- 15 APAP
CPAP Software: SleepyHead

Other Comments:

Sex: Male
Location: Gold Coast Australia

Post: #4
RE: Antivirus Flagging Sleepyhead as Trojan
That's Norton for you!
05-21-2016 03:58 AM
Find all posts by this user Post Reply Quote this message in a reply
AlanE Offline

Advisory Members

Posts: 1,496
Joined: Mar 2015

Machine: ResMed AirSense 10 Autoset
Mask Type: Nasal pillows
Mask Make & Model: P10 & Mirage Liberty backup
Humidifier: Built-in
CPAP Pressure: 10-14
CPAP Software: ResScan SleepyHead

Other Comments: ʕ•ᴥ•ʔ So Long, and Thanks for All the Fish

Sex: Male
Location: Southwest Florida

Post: #5
RE: Antivirus Flagging Sleepyhead as Trojan
Can you click on Restore? That should put the file back. I would disable Norton before running the installer. Re-enable it after. Or just "white list" the installer.



Using FlashAir W-03 SD card in machine. Access through wifi with FlashPAP or Sleep Master utilities.

I wanted to learn Binary so I enrolled in Binary 101. I seemed to have missed the first four courses. Big Grinnie
05-21-2016 10:57 AM
Find all posts by this user Post Reply Quote this message in a reply

Donate to Apnea Board
Serenity47 Offline

Members

Posts: 4
Joined: Jun 2016

Machine: Phillips Dreamstation
Mask Type: Nasal pillows
Mask Make & Model: Resmed P10
Humidifier: Phillips Dreamstation
CPAP Pressure: 9
CPAP Software: Other Software

Other Comments:

Sex: Female
Location: Australia

Post: #6
RE: Antivirus Flagging Sleepyhead as Trojan
I am having the same issue, Nortons keeps deleting it saying it has Trojan.Gen.2 in it .... am i meant to ignore that result ?
06-10-2016 10:52 PM
Find all posts by this user Post Reply Quote this message in a reply
SuperSleeper Offline

Administrators

Posts: 9,972
Joined: Feb 2012

Machine: PR System One REMstar Auto (DS560)
Mask Type: Nasal pillows
Mask Make & Model: ResMed Mirage Swift II
Humidifier: none
CPAP Pressure: 12.5 - 18.5 cmH20 (auto range)
CPAP Software: SleepyHead

Other Comments: Have diabetes Type II

Sex: Male
Location: Illinois, USA

Post: #7
RE: Antivirus Flagging Sleepyhead as Trojan
I think that it's safe to say that SleepyHead is not a trojan. This is just one of those over-reactions by anti-virus software that is designed to "play it safe" and mark a legitimate software program as a trojan simply because it doesn't "know for sure" rather than risk someone getting infected.

Sort of like you telling a doctor that your arm hurts, and you tell them you drank a glass of milk an hour before it started hurting. Then the doctor says, "I think you should stop drinking milk". Most likely, the milk had nothing to do with your arm hurting.

Coffee

SuperSleeper
Apnea Board Administrator
www.ApneaBoard.com


INFORMATION ON APNEA BOARD FORUMS OR ON APNEABOARD.COM SHOULD NOT BE CONSIDERED AS MEDICAL ADVICE. ALWAYS SEEK THE ADVICE OF A PHYSICIAN BEFORE SEEKING TREATMENT FOR MEDICAL CONDITIONS, INCLUDING SLEEP APNEA. INFORMATION POSTED ON THE APNEA BOARD WEB SITE AND FORUMS ARE PERSONAL OPINION ONLY AND NOT NECESSARILY A STATEMENT OF FACT.

06-11-2016 09:24 AM
Find all posts by this user Post Reply Quote this message in a reply

Donate to Apnea Board
packtheknife Offline

New Members

Posts: 2
Joined: Apr 2016

Machine: System One Bipap (750P)
Mask Type: Nasal mask
Mask Make & Model: ResMed Mirage Micro (among others)
Humidifier: PR System One Heated Humidifier
CPAP Pressure: 8.5-12
CPAP Software: SleepyHead

Other Comments: Also use Somnomed dental appliance

Sex: Male
Location: Southwest Va. in the Blue Ridge mountains

Post: #8
RE: Antivirus Flagging Sleepyhead as Trojan
I am getting this message, so I can't load the software. What do I do now?

Connection is not secure. Go Back
06-11-2016 10:30 AM
Find all posts by this user Post Reply Quote this message in a reply
Crimson Nape Offline

Monitors

Posts: 1,329
Joined: Oct 2014

Machine: ResMed S9 Autoset
Mask Type: Other
Mask Make & Model: P-10 / F&P Simplus / DreamWear
Humidifier: H5i w/Climateline
CPAP Pressure: 8 - EPR 3
CPAP Software: SleepyHead

Other Comments: CMS-50F & 50IW

Sex: Male
Location: Georgia

Post: #9
RE: Antivirus Flagging Sleepyhead as Trojan
packtheknife,
The jedimark.net site, the one linked at the top of the page, is currently producing an error until Mark updates his site security certificate. In the interim, please use one of the following links:

1.0.0-beta-2 for WinXP/Vista/7/8/10:
http://www.SleepFiles.com/SH/files/snaps...160422.exe
note:You need to uninstall the old version first if you want to install from this download.


1.0.0-beta-2.2 for MacOSX 10.7+:
http://www.SleepFiles.com/SH/files/snaps...160421.dmg

You may want to disable your anti-virus program before downloading.

Statistics prove that people who have more birthdays live longer.
(This post was last modified: 06-11-2016 02:08 PM by Crimson Nape.)
06-11-2016 02:06 PM
Find all posts by this user Post Reply Quote this message in a reply

Donate to Apnea Board
SuperSleeper Offline

Administrators

Posts: 9,972
Joined: Feb 2012

Machine: PR System One REMstar Auto (DS560)
Mask Type: Nasal pillows
Mask Make & Model: ResMed Mirage Swift II
Humidifier: none
CPAP Pressure: 12.5 - 18.5 cmH20 (auto range)
CPAP Software: SleepyHead

Other Comments: Have diabetes Type II

Sex: Male
Location: Illinois, USA

Post: #10
RE: Antivirus Flagging Sleepyhead as Trojan
Red, your links don't work, since you copied the truncated version. Here's the full working links:


1.0.0-beta-2 for WinXP/Vista/7/8/10:

http://www.SleepFiles.com/SH/files/snaps...160422.exe
note:You need to uninstall the old version first if you want to install from this download.


1.0.0-beta-2.2 for MacOSX 10.7+:
http://www.SleepFiles.com/SH/files/snaps...160421.dmg


NOTE: to copy a longer link properly, you'd have to click on REPLY and copy the entire code from there, since copying the code from the post itself will result in the "..." truncated link, not the actual URL.

SuperSleeper
Apnea Board Administrator
www.ApneaBoard.com


INFORMATION ON APNEA BOARD FORUMS OR ON APNEABOARD.COM SHOULD NOT BE CONSIDERED AS MEDICAL ADVICE. ALWAYS SEEK THE ADVICE OF A PHYSICIAN BEFORE SEEKING TREATMENT FOR MEDICAL CONDITIONS, INCLUDING SLEEP APNEA. INFORMATION POSTED ON THE APNEA BOARD WEB SITE AND FORUMS ARE PERSONAL OPINION ONLY AND NOT NECESSARILY A STATEMENT OF FACT.

06-11-2016 03:23 PM
Find all posts by this user Post Reply Quote this message in a reply
Post Reply 


Forum Jump:

Who's Online (Complete List)