Main Forum > Tweaking.com Support & Help
Trojan:Win32/Critet.BS - False positive from Defender?
Boggin:
I've removed your duplicate post.
There has always been the doubt that Kaspersky could be spying and even though there are denials from Kaspersky, I would think that if Putin ordered them to do it, there would be very little they could do to refuse given the power he has.
I don't have Kaspersky installed - I use Norton Security but have found the Kaspersky Rescue Disk very helpful in the past and while it scans the files for infections, it also seems to have some healing attributes.
As for MS and WR, it is my understanding from jpm's post that he or Shane will be contacting MS about this.
While it could be an inconvenience, you could do what Marcus5664 plans to do and that is to download and run the program in Safe Mode with Networking if/when you need to use it - it isn't or shouldn't be a program that you need to run regularly.
AFAIK it is a life time licence and not annual, so it won't expire.
jpm:
--- Quote from: fabrikator on March 19, 2018, 10:47:24 pm ---OK all you tweaking virus experts, I think I'm back in the right place now. I hit the wrong button last time and double posted. Sorry !
We can all carry on about all the virus protection programs giving out false positives, but I'd like Shane or jpm to ponder this :
Why does v4.0.15 get flagged for the Critet virus but v4.0.14 DOES NOT ?? Something ain't right
And to Boggin, Major Geeks should have v4.0.14. It works just fine.
fab
--- End quote ---
We do not know exactly why. It could be something as simple as pattern matching. I remember a friend had his credit card number detected as a virus because part of the numbers matched the hash on a known virus - true story. Heck Malwarebytes detected my personal photography as a virus a couple months back. Explain that one.
In this case a LOT of files were detected from a LOT of companies. All we know is that they all use VB -- so it had something to do with that. But exactly what, no idea. Our product is 100% clean. They were wrong and they aren;t about to tell us why they were wrong for all the reasons you would suspect. It certianly isn't something we can prepare for either. Someone at MS made a mistake. They fixed it. But that is exactly how the antivirus world works. Happens ALL the time.
It is better to have an AV than nothing - but really it is a lot of security theater.
Boggin:
So have MS fixed this now ?
fabrikator:
I have been following this thread ever since v4.0.15 was released and have posted to it several times. I run Windows 7 PRO with Microsoft
Security Essentials as my virus protector. I think we can all agree that this is a Microsoft Security Essentials error, however after about a
dozen MSSE virus updates, v4.0.15 is still being flagged with the virus. Here are my latest questions :
1. Has Tweaking.com contacted Microsoft about this issue, and id so, is there a fix ?
2 Why is it that only v4.0.15 is flagged and NOT v4.0.14 ? What is different ?
Thanks,
fab
jpm:
Yeah - we contacted them about 3 seconds after we found out. I believe it took them 6 hours to responded that it was fixed. There was never anything to do with anything on a user end. It was their mistake on matching.
No they never told us why, but it wasn't just our program it was a number of them around the web.
I would love it if they told us why - but it was most likely a coding error on their end and if they admitted it they would open up to legal issues. Especially since what I have been able to divine is the programs that were flagged all used api calls to VB -- which is Microsoft's programming language. So essentially Defender flagged VB. So whoever or however they made the error - it will never come out of Redmond. :)
Each time we release the exe is recompiled. So the 4.0.14 would have a completely different hash and "look" than 4.0.15. When we release 4.0.16 odds are something will flag it as a false positive after release. It may not be defender, but it will be something. This shit happens all the time with every one of the antivirus apps - it is the bain of the software authors existence. It's annoying but part of how the security industry works.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version