Win.dropper.generic in 64-bit installer

tdel...@gmail.com

Dec 25, 2019, 2:40:40 PM
to UtilFr
When downloading the 64-bit installer version of Clavier+, Cisco's Advanced Malware Protection (AMP) reports trojan Win.dropper.generic::90.lp.ret.sbx.tg and quarantines the installer.
Portable zip is OK and 32-bit installer is OK.

Guillaume

Dec 27, 2019, 6:35:20 PM
to UtilFr
The sha256 hash of https://github.com/guilryder/clavier-plus/releases/download/release10.8.3/ClavierSetup64.exe is: 0D8E7F30C3367DDFC0FCB90F994838DFC805B6BC32A3A8D9FEC3B417DDEE7975

If the hash matches your file, then the issue is a false positive of AMP. I recommend following up with AMP to report the false positive. I cannot do it myself as I'm not a Cisco customer (source).

Guillaume
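
The hash comparison described in the reply above, as an added example that is not part of the original thread or of the Clavier+ project: it computes the SHA-256 of a local file and compares it with the digest quoted in the post. The script name and the function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import re
import sys

# SHA-256 quoted in the post above for ClavierSetup64.exe (release10.8.3).
PUBLISHED_SHA256 = "0D8E7F30C3367DDFC0FCB90F994838DFC805B6BC32A3A8D9FEC3B417DDEE7975"


def normalize_digest(text):
    """Drop whitespace and separators, lowercase, and require exactly 64 hex characters."""
    cleaned = re.sub(r"[\s:\-]", "", text).lower()
    if not re.fullmatch(r"[0-9a-f]{64}", cleaned):
        raise ValueError("not a SHA-256 hex digest: %r" % text)
    return cleaned


def sha256_of_file(path, chunk_size=1024 * 1024):
    """Hash the file in chunks so a large installer is never loaded into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def matches_published(path, published=PUBLISHED_SHA256):
    """Return True only if the file's SHA-256 equals the published digest."""
    return hmac.compare_digest(sha256_of_file(path), normalize_digest(published))


if __name__ == "__main__":
    # Hypothetical usage: python verify_installer.py ClavierSetup64.exe
    target = sys.argv[1]
    print("computed :", sha256_of_file(target))
    print("published:", normalize_digest(PUBLISHED_SHA256))
    ok = matches_published(target)
    print("match" if ok else "MISMATCH: file differs from the published release")
    sys.exit(0 if ok else 1)
```

A match shows the local file is byte-identical to the release asset the author hashed; a mismatch means the download was altered or is a different build and should not be run.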

tdel...@gmail.com

Jan 3, 2020, 1:42:20 AM
to UtilFr
I'll ask Cisco TALOS team to look at it and will advise.