Re: Windows defender marking NVDA a trojan


 

Hmmm its interesting, I read a lot of articles after I posted this.

A lot were outdated, but it seems that the culprets seem to be this huristic stuff, detecting stuff which are not there.

So if you detect bad stuff you occasionally get ghosts.

Sadly a lot of antimalware things get this, some stuff is better than others.

However most of the time no one really makes much noise.

Maybe they can't.

From time to time a big company will challenge another at which point the other usually backs down and the matter is forgotten till next time.

As users I do feel that we are quite powerless though to stop it and I have heard horror stories.

Excluding a lot of drives and files is really not good, but neither is accepting everything at face  value.

Its also why I do not install or run better security software.

The most important thing apart from access is if I can access its exclusion dialog and this really shouldn't be the case.



On 7/02/2020 11:04 pm, Quentin Christensen wrote:
In fairness I don't think they targeted anything, I think it was just an over-zealous algorithm flagging something that didn't fit its model of how the world should be.  That's as it is, what I can't forgive, is Microsoft asserting that flat out that it was a known malicious trojan, when it was no such thing.

If it wants to flag them as "suspicious because XYZ" (and give reasoning) that's one thing, but don't categorically assert it's a virus when you don't know that.

I just reinstalled RC3 and Defender seems to be behaving again now.

Regards

Quentin.

On Fri, Feb 7, 2020 at 7:29 PM Shaun Everiss <sm.everiss@...> wrote:

Well ms has stopped updating win7 deffs now officially so it won't effect it.

As usual microsoft targets blindness software, I have exclusions for games, recorders and it seems now I will have to do the same to my screen readers and maybe sapi voices?

At this rate I may as well exclude my entire c drive!

How can we the user be secure if we get so many false alarms.



On 7/02/2020 5:13 pm, Quentin Christensen wrote:
Hi folks,

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

--
Quentin Christensen
Training and Support Manager




--
Quentin Christensen
Training and Support Manager


Join nvda@nvda.groups.io to automatically receive all group messages.