In this article I describe a problem that was brought to my attention where some Kodi addons started to not work (or load properly). This issue started appearing on the newer versions of Kodi (i.e. 19.x and above using Python 3.x) on Windows machines.

Issue

Kodi and the affected addons were working fine - then after more recent installs / re-installs the affected Addons would no longer work? So something changed?

Root Cause

I had to reproduce the issue in order to determine the root cause. This approach seemed easier to isolate the problem as the users log files would likely have potentially other issues included in them. This way, I could have better control over the environment. I was successful at re-creating the issue. Upon a detailed walkthrough of the logs, I could see that certain components/modules were not working or missing from the Addon causing the Addon to fail. After reviewing and troubleshooting file permissions, user settings, reviewing system logs, etc. I eventually was able to narrow it down to being an issue with the Antivirus software. In this case when I reviewed Microsoft’s Windows Defender logs I could see that Windows was triggering on certain of the Addon files - marking them as potential “Malware” and effectively quarantining the files. These files have been around for a while (originally released years ago) and it appears that a more recent update to the Windows Defender antivirus scanner has caused it to now trigger on them as potential Malware.

Are They Safe?

After further investigation into the files in question, it appears that this may be a case of a “false positive” by the antivirus software (in this case Microsoft’s Windows Defender) as the files in question have been in circulation for while and have not previously been flagged. The files are "obfuscated" and therefore this may be the reason that they are marked as potential Malware. Of course there is always a risk when you contravene the suggestions from your antivirus scanners.

Obfuscation

Obfuscation is a technique used by programmers to protect sensitive data from prying eyes. Basically using encryption techniques to hide sensitive data from human eyes but this also makes it an ideal approach for hackers to hide their malicious code. In this case it could be that the addon in question is also hiding actual malicious code (I.e. malware, etc.), however without a more comprehensive investigation it is impossible to tell it’s true intent. The author(s) of this particular addon have claimed (gone on record) that the code is in fact safe and only operating as intended and that this does represent a false positive by the virus scanning tool.

My recommendation is that you do your own investigation to determine the risks and take the appropriate action.

Fix

Assuming that you are ok with the risk (i.e. have done your own due diligence on the files in question) - You can simply "whitelist" these files with your antivirus software, release the files in question from quarantine and/or re-install the Addon and you should be back in business.

Additional Precautionary Measures

As a precautionary step, I also used a secondary Malware detection scanner, "Malwarebytes" to scan all the files included with the addon to see if it detects any Malware. The results from the scan came back clean.

Restricted Content - Details

How To? - Kodi - Addons Will Not Load (Restricted)

 

 

Comments powered by CComment