Page 1 of 1
[SOLVED] Github Desktop package: antivirus detection
Published: July 22, 2025 - 2:05 PM
by Mikael_S
Hello,
Regarding the GitHub-desktop package 3.5.1.0-1, we have a Trojan alert concerning the file "brotli.exe" (apparently a compression algorithm).
The antivirus is Trellix.
This file is located in the user's local AppData folder.
Have you received any reports about this?
For your information, I haven't noticed anything like this in previous versions.
Re: Github Desktop package: antivirus detection
Published: July 22, 2025 - 3:39 PM
by dcardon
Hello Mikael,
I checked the wapt package itself, the installation MSI file, and the brotli.exe file (which itself comes from mingw64).
wapt package tis-github-desktop_3.5.1.0-1_x64_windows_PROD.wapt (result: "No security vendors flagged this file as malicious")
https://www.virustotal.com/gui/file/fcc ... dde1a30bd0
file GitHubDesktopSetup-x64.msi (result: "No security vendors flagged this file as malicious")
https://www.virustotal.com/gui/file/d89 ... a6d010c6e6
file C:\Users\Administrator\AppData\Local\GitHubDesktop\app-3.5.1\resources\app\git\mingw64\bin\brotli.exe (result: "No security vendors flagged this file as maliciousVendors flagged this file as malicious.
(https://www.virustotal.com/gui/file/224 ... 754d9cda13)
There's a version of Trellix on VirusTotal, and it's not reporting anything. Perhaps the status has been updated in the meantime. Could you please retest after updating the antivirus database?
Sincerely,
Denis
Re: Github Desktop package: antivirus detection
Published: July 22, 2025 - 3:58 PM
by Mikael_S
Thanks for the feedback.
The database is updated daily, and I deployed it a week ago. No one seems to have run it since...
Indeed, VirusTotal found nothing...
I just saw a new release, 3.5.2, on their website; I'll test it.
Edit: In v3.5.2, the executable works for Trellix.
Re: Github Desktop package: antivirus detection
Published: July 22, 2025 - 4:15 PM
by dcardon
Hi Mikaël,
thanks for the quick reply
. I'm marking the topic as resolved.
Denis