Virus Alerts

Usage of the framework, compiler and tools

Re: Virus Alerts

Postby Zinn » Wed Sep 13, 2017 5:32 pm

Robert, which version of Windows 10 are you using? 1507, 1511, 1607 or 1703?
On my Windows 10 (1703) I am unable to get BlackBox.exe back again after deleting from defender.
Copy Blackbox.exe from my backup disk or usb-stick the backup file is deleted on my backup device too during the copy process.
The only way I get it running on windows again was: I relink BlackBox.exe on my Linux system (unchanged source) and copied the new exe file to Window.
- Helmut
Zinn
 
Posts: 58
Joined: Mon Nov 24, 2014 10:47 am

Re: Virus Alerts

Postby Robert » Wed Sep 13, 2017 8:15 pm

Zinn wrote:Robert, which version of Windows 10 are you using? 1507, 1511, 1607 or 1703?
1703
Robert wrote:So far it seems to be the case that once a file is restored it is not deleted again, even if you have not added it to a "White list".
I think I am wrong here - I am still collecting evidence.
User avatar
Robert
 
Posts: 108
Joined: Sat Sep 28, 2013 11:04 am
Location: Edinburgh, Scotland

Re: Virus Alerts

Postby Robert » Fri Sep 22, 2017 10:34 am

To add BlackBox.exe to the Windows Defender White List:
(These instructions are for the UK version of Windows 10 Pro, Version 1703.)
1 - Right click the Windows icon at the left of the bottom tool bar.
2 - Click the popup menu item "Settings".
3 - Click the "Update & security" icon.
4 - Click the "Windows Defender" option in the left menu area.
5 - Click the grey button "Open Windows Defender Security Center".
6 - Click the "Virus & threat protection" icon.
7 - Click the blue text "Virus & threat protection settings".
8 - Click the blue text "Add or remove exclusions". You may need to scroll to see this.
9 - Click the grey "+" "Add an exclusion" button.
10 - Click the popup "File".
11 - Select "...\BlaclBox\BlackBox.exe" (for example). Click "Open".
12 - Click the grey "Do you want to allow this app to make changes …" "Yes" button.
13 - Close down the window "Windows Defender Security Center".
14 - Close down the window "Settings".


To recover an already deleted (quarantined) file, see my posting dated 13-Sep-2017.
User avatar
Robert
 
Posts: 108
Joined: Sat Sep 28, 2013 11:04 am
Location: Edinburgh, Scotland

Re: Virus Alerts

Postby Josef Templ » Fri Dec 15, 2017 12:31 pm

With BlackBox 1.7.1 released now, it seems to be a good time for reporting false positives to the various anti-virus checkers.
I have done it already for BlackBox.exe and blackbox-1.7.1.zip on AVAST, but there are many more (see https://www.virustotal.com/).
The more false positive reports we file the better the chances are that the anti-virus tool providers react.
It also helps if more than a single person files a report.

Microsoft, BTW, is not reporting a false positive.

- Josef
Josef Templ
 
Posts: 206
Joined: Tue Sep 17, 2013 6:50 am

Re: Virus Alerts

Postby Zinn » Sat Mar 03, 2018 9:33 am

Today the Microsoft Defender deleted file BlackBox.exe version 1.7.1 (1014) from my computer.
Trojan:Win32/Tiggre!rfn
- Helmut
Zinn
 
Posts: 58
Joined: Mon Nov 24, 2014 10:47 am

Re: Virus Alerts

Postby cfbsoftware » Sat Mar 03, 2018 10:36 am

If you believe it to be a false positive you can report it here:

https://www.microsoft.com/en-us/wdsi/filesubmission
cfbsoftware
 
Posts: 28
Joined: Wed Sep 18, 2013 10:06 pm

Re: Virus Alerts

Postby manumart1 » Thu Jul 05, 2018 8:06 am

The antivirus Panda has told me that to avoid problems with his Antivirus, the best solution is to sign digitally the executable blackbox.exe (for stable version at least).

Now we have the signed file "blackbox-1.7.1-setup-sibfu.exe" (instalable), and that file is not detected by Panda because is signed, but the internal executable blackbox.exe is not signed.

But other Antivirus does not seem to care about the digital signature of "blackbox-1.7.1-setup-sibfu.exe": https://www.virustotal.com/#/file/0ac37db16cb7a9a42d2208c8a70cb07e9868fc3146b54d73ff5b0aa169cec201/detection
manumart1
 
Posts: 66
Joined: Tue Sep 17, 2013 6:25 am

Previous

Return to Common questions

Who is online

Users browsing this forum: No registered users and 1 guest

cron