WinDefender calling epyrus a C2 threat

[Potkeny]

I guess its another false-positive the usual way, anything I can do to make MS realize its not a threat?

windows_defender_alert.PNG

[Moonchild]

anything I can do to make MS realize its not a threat?

Upload to virustotal and give it a vote of confidence. Since they bought it, etc.

[Potkeny]

Thanks, found it based on hash, upvoted.

[athenian200]

Yeah, basically this is what happens nowadays to developers who can't afford code signing... they are assumed to be hackers until proven innocent. :/

[Potkeny]

And now it's Trojan:Win32/Bearfoos.A!ml.. I guess I have to get used to Defender finding it a threat weekly unless I want to make an exception folder for it (which I don't really like).

[back2themoon]

...which I don't really like....

Consider using better security software. Not just for this issue - as far as I know, Defender's web protection only fully works with Microsoft Edge, for example. And that's hardly its only weakness.

[Raava]

And now it's Trojan:Win32/Bearfoos.A!ml.. I guess I have to get used to Defender finding it a threat weekly unless I want to make an exception folder for it (which I don't really like).

Can you upload it to https://virusscan.jotti.org/ ?

About Jotti's malware scan
Jotti's malware scan is a free service that lets you scan suspicious files with several anti-virus programs. You can submit up to 5 files at the same time. There is a 250MB limit per file. Please be aware that no security solution offers 100% protection, not even when it uses several anti-virus engines. All files are shared with anti-virus companies so detection accuracy of their anti-virus products can be improved.

Jotti uses 14 malware scanners, the best online malware scanning site via uploading files I know of. (I am not affiliated with virusscan.jotti.org in any way - I just like his approach, and I do so for many years)

I would be interested if the other scan engines are as dumb as WinDefender is.

[Potkeny]

You mean like virustotal with its collection of scanners?

https://www.virustotal.com/gui/file/fd9 ... 56ff2e7143

[Raava]

You mean like virustotal with its collection of scanners?

https://www.virustotal.com/gui/file/fd9 ... 56ff2e7143

Indeed, very similar to that. But your link puts heavy load on my browser (my machine has outdated hardware) while https://virusscan.jotti.org/ never does.
But I save your link aside my jotti one just in case I need it. (When in doubt, one can never have enough free malware scanners available.)
So, once more, thanks Potkeny .

[moonbat]

When in doubt, one can never have enough free malware scanners available.

So long as you mean online ones. Installing multiple local ones will conflict and slow down your system even more among other potential problems. Windows since XP detects if you have a third party antivirus and will disable the built in MSE/Defender in response.

[Moonchild]

But your link puts heavy load on my browser (my machine has outdated hardware) while https://virusscan.jotti.org/ never does.

Welcome to Google WebComponents.

[Raava]

So long as you mean online ones. Installing multiple local ones will conflict and slow down your system even more among other potential problems.

I meant online ones only. But good you cleared that up for the benefit of potential lurkers.

And my sole OSes left nowadays are Linux variants, since the last Windoze broke itself on my last machine hosting one I saw no reason to repair or reinstall that since on average I started Windoze once a year for a very few hours only.

Windows since XP detects if you have a third party antivirus and will disable the built in MSE/Defender in response.

As long MSE/Defender is the best and flawless malware scanner that is out there I see no issues with that.

Welcome to Google WebComponents.

Seems Google WebComponents is the pest and cholera of modern internet browsing. Thanks so much Gøøgle for that, much appreciated. *rolling eyes virtual head-desking*

[Moonchild]

Thanks so much Gøøgle for that, much appreciated.

To be fair, the frameworks jumping on using it are just as much at fault.