ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

DonationCoder.com Software > fSekrit

fSekrit 1.40 quarantined by Windows 10

<< < (5/5)

brotherS:
brotherS: it would be nice if you could check if Windows Defender moans about a fresh 1.40 download from the dcmembers site, as well as SJ's uncompressed build :)
-f0dder (November 14, 2020, 11:54 AM)
--- End quote ---
I just downloaded and ran both, no objections from Windows so far...

f0dder:
I just downloaded and ran both, no objections from Windows so far...-brotherS (November 14, 2020, 01:49 PM)
--- End quote ---
Hm, so it doesn't sound like it's the compression itself that Defender is complaining about, at least that's something (and consistent with Defender not complaining for me either).

Sounds like 4wd was right:
Maybe it's just that the encrypted contents of the file now match the file pattern of Trojan:Win32/Wacatac.C!ml -4wd (November 10, 2020, 03:01 PM)
--- End quote ---
Not much I can do about badly chosen, too short patterns in AV software matching encrypted data :(

Stoic Joker:
Back when I was fighting with Windows Defender eating it constantly, it was always when I hit save changes, and it bounced in and out of Temp that it got blown away. This behavior stopped when I did the original uncompressed version (that I now can't find) … But I'm not sure - I'm old, I slept since then, and I drink a bit.. :D

Granted that was a few years ago - so not the same thing - but a possible indicator of where the problem AV stuff is having could be.

Vitaliy:
hello!

Using fSekrit for years. Great idea and implementation!

Unfortunately faced with issue recently and I'm happy to found this forum and know that author of tool still replying on questions! (hopefully supporting somehow the tool).

So, my issue:
I have McAfee Antivirus (AV) on corporate laptop (can't uninstall/disable/re-configure it).
There is Adaptive Threat Protection feature/functionality there.
 
Sometimes when I enter/update file with new text (logins, passwords etc.) and save it - AV recognize the file as "Malware Detected" with threat = "Real Protect-LS!92f0ae1ffdf4", Trojan and REMOVES it!

It looks like some text in file after encryption & compressions is recognized as Trojan. If I change new entries to something more longer/simplier - it works fine. Now I always worried to enter new text & save - file can be removed by AV.

Even when I restore file and try to open it - it also cached by AV and removed ((. So the only way to continue using the file in RO mode - change the file on another PC - add some text there. But it difficult to understand what kind of text/how to changes to avoid it detection as Trojan.

Any ideas how to prevent this?

Navigation

[0] Message Index

[*] Previous page

Go to full version