this post was submitted on 18 Jun 2026
5 points (85.7% liked)

Self-hosting

4473 readers
3 users here now

Hosting your own services. Preferably at home and on low-power or shared hardware.

Also check out:

founded 4 years ago
MODERATORS
 

So, I tried to install lidarr on my windows machine via the exe on the website, but my antivirus flagged it immediately. I am sure i could just work around this by disabling the antivirus for a bit or by composing it manually, but for all I know maybe someone inserted some malicious code. Is this an issue y'all have noticed? How can I tell if this is actually malicious?

top 4 comments
sorted by: hot top controversial new old
[–] Faceman2K23@discuss.tchncs.de 5 points 3 weeks ago

some of the more aggressive antivirus software will flag anything related to piracy.

If you are certain it was the official lidarr and is safe, you can add it to a whitelist so it is ignored.

[–] artwork@lemmy.world 2 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Wonderful day!

Depending on the anti-malware, it may be either a known signature, or heuristics.
- In case of the former, the signature may be a just a single use of function inside the safe program that matches with a malware that uses the same (e.g., in a thread or memory range the anti-malware probed);
- Heuristics - May just be too restrictive local security settings;

Yet, if you don't have enough time to investigate it locally in isolated environments as virtual machines/containers, debugging syscalls and activities in file-system, memory, network etc., there are less manual or outsources, options, including the common know ones:
- https://opentip.kaspersky.com/
- https://opentip.kaspersky.com/requests
- https://www.virustotal.com/gui/
- https://any.run/

Please stay safe!

[–] m4a@lemmy.dbzer0.com 3 points 3 weeks ago

Thanks for the diagnostic tools! According to the tools, the software is safe, so I guess I'm gonna be trying disabling the antivirus while I install and hoping that avoids the problem. I'll keep those tools bookmarked for future use

[–] violetrage@slrpnk.net 1 points 3 weeks ago

See if the developers publish hashes of their executables (something like sha1/256, md5...). Then you can take the hash of your executable, and if they are the same, you should have gotten the exact same file. This does of course not help if the place you get the hashes from is also compromised.