Hi, I was not able to download Anki on my laptop at work, and the IT team told me that the app did not pass the safety test due to the presence of malicious behaviours found by Falcon-CrowdStrike (licensed sandbox). However, these findings can be false positives; thus, IT requests that I get it confirmed with the vendor (developer) of Anki as to whether this is a false positive that can be ignored without endangering company security, and to explain why this is being detected.

It looks like (powered by Falcon Sandbox) doesn’t allow uploading files bigger than 100 MB, but it seems to rely on VirusTotal to some extent, and I guess it’s about “Backdoor.Androm.bdka” being detected by Jiangmin.

It seems to have started with anki-2.1.55-windows-qt6.exe.

2.1.54 -
2.1.55 -
23.10 (the latest beta) -

For 2.1.66 the Relations tab shows nothing under “Other files stored inside the file being studied”, but for 2.1.55 and the latest beta, both list ‘uninstall.exe’ as potentially malicious. To double-check it, I uploaded the ‘uninstall.exe’ file from the Anki installation folder to VirusTotal, and it was detected as “Backdoor.Androm.bdka” by Jiangmin while the other security vendors didn’t find anything suspicious.

The uninstall.exe file is automatically generated by NSIS (Nullsoft Scriptable Install System) from the .nsi template provided by Anki to create the Windows executable (and uninstaller).

It’s not uncommon for the uninstaller to be detected as malware.

For example, two other security vendors flagged the ‘uninstall.exe’ in the latest release of qutebrowser as potentially malicious.

A few similar cases where other programs were detected by Jiangmin:
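The reply above boils down to two checks an IT team can repeat themselves: confirm the file they scanned is the one the vendor shipped (hash it and compare against a published value, if the vendor provides one), and look at how many engines agree before treating a detection as real. The script below is an added example written for this thread; it is not code from Anki or from VirusTotal. It assumes a scan report shaped like VirusTotal's per-engine results (engine name mapped to a `category` and a `result` string); the sample report and the sample file bytes are constructed here, and only the "Backdoor.Androm.bdka" name comes from the thread.

```python
"""Triage a multi-engine scan report and pin down file identity.

Added example for the thread above; not Anki's or VirusTotal's code.
Assumed report shape (labelled assumption): a JSON object mapping
engine name -> {"category": <str>, "result": <str or null>}, similar to
the per-engine results VirusTotal returns.
"""
import hashlib
import hmac
import json
from dataclasses import dataclass, field

# Constructed stand-in for the bytes of a downloaded uninstall.exe.
SAMPLE_FILE = b"constructed sample bytes, not a real PE file"

# Constructed report: one engine flags the file, five do not.
# The detection name is the one quoted in the thread.
SAMPLE_REPORT = json.dumps({
    "Jiangmin": {"category": "malicious", "result": "Backdoor.Androm.bdka"},
    "EngineA": {"category": "undetected", "result": None},
    "EngineB": {"category": "undetected", "result": None},
    "EngineC": {"category": "harmless", "result": None},
    "EngineD": {"category": "type-unsupported", "result": None},
    "EngineE": {"category": "timeout", "result": None},
})

# Categories that count as a positive verdict from an engine.
POSITIVE_CATEGORIES = ("malicious", "suspicious")


@dataclass
class Triage:
    sha256: str                 # identity of the exact bytes scanned
    total_engines: int          # engines that returned any category
    flagged: dict = field(default_factory=dict)  # engine -> detection name
    verdict: str = ""


def sha256_of(data: bytes) -> str:
    """Hex SHA-256 of the file contents; quote this when asking the vendor."""
    return hashlib.sha256(data).hexdigest()


def matches_published_hash(data: bytes, expected_hex: str) -> bool:
    """Constant-time compare against a hash the vendor publishes (if any)."""
    return hmac.compare_digest(sha256_of(data), expected_hex.lower())


def triage(report_json: str, file_bytes: bytes, single_engine_threshold: int = 1) -> Triage:
    """Summarise which engines flagged the file and how much weight that carries.

    A detection by at most `single_engine_threshold` engines, with the rest
    returning clean or no verdict, is the pattern the thread describes for
    NSIS uninstallers and is worth confirming with the vendor before acting.
    """
    results = json.loads(report_json)
    flagged = {
        name: (entry.get("result") or "(unnamed detection)")
        for name, entry in results.items()
        if entry.get("category") in POSITIVE_CATEGORIES
    }
    if not flagged:
        verdict = "clean: no engine flagged the file"
    elif len(flagged) <= single_engine_threshold:
        verdict = "likely false positive: single-engine detection, confirm hash and signature with the vendor"
    else:
        verdict = "multiple engines agree: treat as suspect until analysed"
    return Triage(sha256_of(file_bytes), len(results), flagged, verdict)


if __name__ == "__main__":
    t = triage(SAMPLE_REPORT, SAMPLE_FILE)
    print(f"sha256={t.sha256}")
    print(f"{len(t.flagged)}/{t.total_engines} engines flagged: {t.flagged}")
    print(t.verdict)
```

Run it as-is to see the single-engine case from the thread; to use it on a real download, replace `SAMPLE_FILE` with the file's bytes and `SAMPLE_REPORT` with the engine results you obtained, and hand the SHA-256 plus the flagging engine's detection name to the vendor, which is exactly what the original poster's IT team asked for.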