topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Tuesday October 15, 2024, 9:15 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Kapersky reports trojan in CH&S 2.41  (Read 6694 times)

malislaw

  • Participant
  • Joined in 2014
  • *
  • Posts: 2
    • View Profile
    • Donate to Member
Kapersky reports trojan in CH&S 2.41
« on: March 25, 2017, 01:15 PM »
I am getting a trojan detection from Kapersky when installing 2.41.   This is not detected when I re-install 2.39.  See attached screenshot.

virus.jpgKapersky reports trojan in CH&S 2.41

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,913
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #1 on: March 25, 2017, 03:01 PM »
Thanks for reporting it.

How weird..  It's definitely a false positive.

Always pays to be paranoid though.

I uploaded the exe (as anyone should if you ever get a virus report), to virustotal, to run antivirus using tons of engines, and here are the results:

https://www.virustot...982a808eca/analysis/

Screenshot - 3_25_2017 , 3_00_53 PM.pngKapersky reports trojan in CH&S 2.41

So 1/61 meaning that one crazy antivirus is malfunctioning and complaining about something it is imagining that is not real.

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,913
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #2 on: March 25, 2017, 03:02 PM »
Hopefully kaspersky will fix the false positive in the next day or two before others get scared.

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,188
    • View Profile
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #3 on: March 25, 2017, 03:13 PM »
Hopefully kaspersky will fix the false positive in the next day or two before others get scared.

Did you report it to them?

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,913
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #4 on: March 25, 2017, 03:17 PM »
I shall try.

malislaw

  • Participant
  • Joined in 2014
  • *
  • Posts: 2
    • View Profile
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #5 on: March 30, 2017, 07:41 PM »
Resolved - Virustotal now clears it in all 61 tests, and an updated Kapersky database lets it install and run.  All set!

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,913
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #6 on: March 30, 2017, 08:18 PM »
Excellent.  Thanks for the initial report and the update  :up:

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #7 on: March 30, 2017, 08:35 PM »
@mouser:
As I wrote here:
Storm in a teacup.
But an example of how Trend Micro and other so-called "AV" (Anti-Virus) companies have been deftly digging a hole for themselves with this nonsense, then obligingly filled it in on  top of themselves. Self-destructive and well-earned.
Meanwhile, Microsoft Defender (AKA MS Security Essentials) laughing all the way to the bank as businesses get the message...
_________________________

Could I suggest, that you, as a developer, could sidestep any future artificial dependency on these idiot AV false positives and forestall your having to go to them, literally cap-in-hand, to request that they please correct their mistakes. This would be by the simple expedient of releasing all future versions in files with a checksum (file hash) - e,g, using CRC32, MD5, SHA-1, SHA-256, etc.).

I would also suggest that the user dump whatever time-wasting false-positive AV they are using, in favour of MS Security Essentials. As a consequence, there would probably be very few of these unproductive discussion threads active any more.
Problem solved?    :tellme:

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #8 on: March 31, 2017, 06:30 AM »
I would also suggest that the user dump whatever time-wasting false-positive AV they are using, in favour of MS Security Essentials. As a consequence, there would probably be very few of these unproductive discussion threads active any more.

While MSE is still my favorite, it's no angel. It FP'd on me a few weeks back on a copy of f0dder's FSekrit I'd been using for years on 5 different machines.

MilesAhead

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 7,736
    • View Profile
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #9 on: March 31, 2017, 06:58 AM »
While MSE is still my favorite, it's no angel. It FP'd on me a few weeks back on a copy of f0dder's FSekrit I'd been using for years on 5 different machines.

In AHK a standard technique for remapping keys is to check for some condition, then if it doesn't apply resend the same keystrokes.  To avoid an infinite loop a keyboard hook is used to detect when the key combination is actually coming from the hardware.  That alone is enough to trigger many of these AV scanners as detecting a key logger.  My hope is that the situation will become so ridiculous that the invalidity of the whole concept of AV will filter down to the typical computer users.  So far I have not seen any formula posted how many good scans it takes to offset one bad scan.  If you line up hundreds of scanners there's bound to be a bad scan in there somewhere.

Maintenance on the machine is becoming the primary purpose of the machine it seems.  Get your computing in using one hour per day because the other waking hours will be consumed maintaining the system.  :)

cranioscopical

  • Friend of the Site
  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 4,776
    • View Profile
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #10 on: March 31, 2017, 01:14 PM »
Maintenance on the machine is becoming the primary purpose of the machine it seems.  Get your computing in using one hour per day because the other waking hours will be consumed maintaining the system.

Ain't that the truth!

Never mind, the Creator's update will change all that for Win10 - not fix it, just change it  ;)


IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #11 on: March 31, 2017, 10:01 PM »
...While MSE is still my favorite, it's no angel. It FP'd on me a few weeks back on a copy of f0dder's FSekrit I'd been using for years on 5 different machines.
__________________

Oh yes, and MSE does occasionally give annoying false positives on stuff that one has had on one's PCs for years with no prior adverse report from MSE. The workaround is to tell MSE that that particular file is an Allowed item.
My experience is that MSE gives fewer false positives than most of the other AV packages I have used.
I had put that down to the MSE developers possibly doing a more thorough job of virus signature detection than the developers of other AV software.
All this "Oh noes! The sky is falling!" and running around frantically every time there's a false positive on a downloadable software is both unproductive and time-wasting, and it puts the onus on the developer to jump through bureaucratic hoops to lodge an appeal against the false (in error) AV verdict. What ruddy cheek!
No, the responsibility more correctly lies with the AV developer to ensure that they only release bug-free, tested AV products in the first place. That testing won't exactly be rocket science, and they should have a suitably-designed testing regime for it. It will therefore probably be  a semi-automated, defined process and one which will be operating in statistical control, so they will be able to distinguish between constant cause errors and special cause errors, and thus be able to predict the former with differing levels of confidence, and mitigate against those particular risks. That's kinda like Statistics 101. As I said, it "..won't exactly be rocket science".

If they don't take that responsibility, then they are effectively just distributing the AV software in a Beta state all the time, trusting to luck and expecting the users to do their testing for them "in production", as it were.

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,543
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #12 on: March 31, 2017, 10:26 PM »
Maintenance on the machine is becoming the primary purpose of the machine it seems.  Get your computing in using one hour per day because the other waking hours will be consumed maintaining the system.
____________________
Yes, and for a long time that seems to have increasingly been the case with each new release of Windows. We are all apparently being used as perpetual unpaid Beta testers for each release of the MS Windows OS - in fact we effectively pay for the privilege, in buying the licence.
Microsoft's task thus becomes to develop and release buggy pre-production software for Beta testing. A while back I was talking with a retired aeronautical engineer from McDonell-Douglas/Boeing who recalls how, in the old days, they used the Microsoft DOS OS and found bugs in it whilst using it to develop advanced computerised control systems for warplanes and commercial aircraft. Every time they found a bug, they would report it to MS, and would promptly get an updated (new) version of the OS, with the bug removed - "After a while doing this, it became pretty evident to us that we were acting as Bill Gates' unpaid outsourced development and testing team and that we had probably become indispensable to him."    :D

I don't recall that being a problem with Apple computers...so there's probably a price trade-off somewhere.

irishatheist

  • Supporting Member
  • Joined in 2012
  • **
  • Posts: 1
    • View Profile
    • Donate to Member
Re: Kapersky reports trojan in CH&S 2.41
« Reply #13 on: April 07, 2017, 07:57 AM »
Ditto,
And despite white listing, it gets blocked for "Suspicious behaviour".
This only happening under 64bit Windows 10, not on 32bit Windows 10, but there's plenty of other differences between the systems, but both have the same Kaspersky.