Main Forum > Tweaking.com Support & Help
Trojan:Win32/Critet.BS - False positive from Defender?
jpm:
I think you misunderstand how the entire antivirus thing works. Microsoft, Malwarebytes, Avira - all of them have false positive. Hell. Malwarebytes detected some of my photos the other day as virus (which BTW isn't even possible). They do it as a matter of course.
The dirty secret is some company's - the big ones - are white listed. They can do whatever they like and release whatever they like. That is dangerous. Small companies are not - we use something called code signing which validates our product - but sometimes that is plain ignored, missed and we get "false positive" detections
The antivirus companies further more depend on from known lists - most of which are t the same. Meaning they all the detect the same known thing. Hence., they realty detect something that isn't known -- until someone discovers it and it comes on the list.
To try and get around this they use heuristics that try and uses that something may be in the realm of a viral infection -- that leads to more false positives. Don't believe me, read it from one of the best utility programmers ever. https://www.nirsoft.net/false_positive_report.html This is why you see "generic" or "Trojan.gen" a lot. meaning they have no idea what this is and it could be something generic -- or nothing.
There is no way for us to know when and if someone will detect our software as a false positive -- and it happens a lot. We have to wait for them to make a mistake and report it to them. Then wait for them to fix it. Which sucks for us.
Hell I wrote a company called cylance like 3 months ago and they still haven't fixed it. I suppose that is why no one uses cylance. Clearly, they don't keep pace.
In this case Microsoft plain screwed up something and detect a crapload of software with the same thing.
https://forum.kerbalspaceprogram.com/index.php?/topic/172357-trojanwin32critetbs/
We reported it, they fixed it - I don't expect and apology from them. But that is how the system unfortunately works. It sucks, but that is what it is.
We do our job correctly and produce quality clean software. If you don't want to white list it, that's your call. Just wait for the next update and we will be cleared. But you, as consumers have to take a stand to help fight the false positive problem. Authors have been fighting it to no avail.
--- Quote from: ergo on March 17, 2018, 04:32:06 pm ---I would have thought that that shouldn't be our job, we just purchased the license. I had the impression that the program is supposed was developed with Microsoft's blessing. It's not right for every user to have to struggle with Microsoft to make sense of it. I thought the idea was you do the work and we pay for the license. So now we're supposed to multiply efforts between us all when we have no idea what is going on.
I don't want to whitelist it because maybe how do I know the program doesn't actually have a Trojan in it? As it is I'm getting paranoid with all this cyber hacking. E.g., from what I read I'm pretty sure Kaspersky virus checker seems to have been hacking user's computers on behalf of Putin (the US govt is barring its use)
I just got the trojan message from Microsoft Defender today, I bet there will be lots more than already reported it. Isn't it Tweaking.com's job to make sure that we are safe?
Rani
--- End quote ---
ergo:
Boggin, are you serious? Is it really that easy for you to write all of us off, we're on our own, have to fend for ourselves even though you're talking about possibly hundreds of people struggling with microsoft over something that shouldn't be our problem to begin with?
How about this. I don't want to waste my time over something that is not my responsibility. So how about if you all offer us refunds for the remainder of our subscription?
Microsoft wiped out the software. Even if I wanted to, I don't think it will let me reinstall it. And why would I want to, when I'm not sure it's a trojan?
Why is it my job - along with everyone else - to deal with this?
And why should I trust you enough to whitelist you?
So I'd say, rather than blowing us all off - and especially given that our software has been eviscerated - why don't you owe all the subscribers with this problem their money back for the remaining time?
I don't care about the money, it's about acting like a decent business that is willing to deal with its own problems with Microsoft.
*.* the way I read the messages from the program, I had the impression that Tweaking was joined at the hip with Microsoft.
Jeez. Do you think we have so much time to struggle with something that's not worth our time?
Boggin:
@ ergo - I've removed your duplicate post, but haven't you read or understood a word that jpm has posted.
BTW - I'm only a volunteer on this forum and have no authority for the administration of any of Tweaking.com's programs - and while it has been known for MS techs to have used the repair program, they are not "joined at the hip" and are two different companies.
When Norton kicked out my Pro version I contacted Norton and they white listed it for me and I left it white listed for about a month before removing it from the white list to see if it still conflicted with it - it didn't.
I don't know if Norton moderated their Definitions or the newer Definitions moved on so that it no longer thought it a threat, but MS won't do anything about it if they don't know about it - which is why I've advised to contact MS.
When my Pro version updated to 4.0.15 through the program, there was no such alert and when I did a manual download, Norton reported it as safe, which is good enough for me.
The fault is not with the program but with MS, so that is who you need to contact to address this other than adding it to the white list.
Tweaking.com is quite safe - read jpm's post.
jpm:
People have - because of good marketing - the belief that antivirus companies keep them safe and are perfect. I have 20 years in the software business that says that they are mainly full of crap. :)
Antivirus apps are more and more becoming modern day scareware and less and less a protection software.
But to restate what I said, false postives with ALL antivirus apps are commonplace. When it happens, it is incumbant on the author of the software to notify the AV company detecting them to fix it.
In this case, from reading about other software the was hit with the "Critet.BS " designation (Seems BS stands for BullShit) - it looks like Windows Defender was tagging that used certian funtions in VB.net programing language. For those who don;t know, VB.net is a micorosft programming language.
How do you hold Tweaking.com responsible for that?
Boggin:
--- Quote from: grimley on March 18, 2018, 11:25:34 am ---Removed .15 and tried to install .14.
Installer reports an error (pointing to the install directory).
Defender barfs.
--- End quote ---
Where did you get the download for .14 ?
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version