Re: Windows defender marking NVDA a trojan


 

I don't mind the occasional false positive, but here is the thing.

The following programs are currently trogens.

Virtual recorder, ok so I could use something else but I like it.

Textpal and all the older empowermentzone programs but some have been updated.

All bgt games, we sort of know why so maybe I will cut them a little slack with this one except that you need to do the same excludes to malwarebytes.

Some gmagames, and vb6 games, why is unknown.

The bsc stuff.


Yeah I know half of this is really old software but still.

That list is not huge but its enough for me not to trust things.

Now its expanded to nvda and who knows what else.

Its like the story about that boy that cried wolf.

I no longer believe that what my antivirus software is telling me is true.

So I just exclude the file.

I in fact have a different downloads folder for stuff that doesn't run nicely.

Here is the thing, any certified software seems to have a good time with it, that includes microsoft's own software.

Everything else has the potential to be wrongly recognised as something.

In the beginning I could trust the programs I used, a few of my friends and I have the same issue, true, some of my friends take risks I do not.

Sadly how to know if it is or not is unknown.

To put it bluntly now I know that a lot of stuff is targeted it tends to make my scanner very noisy.

I know that at least 100 files and folders on my drive will be misdetected.

I have had it where documents and some audio is a virus, granted those files didn't work and I replaced them so who knows, however, not much to tell if I have this noise.

Otherwise I actually agree with you in fact thats what it was like from 2000-2010 or there abouts.

Suddenly stuff that worked no longer worked.

Its the inconsistancy I just do not understand or in fact like.

I agree at least I don't get a misdetection of an actual virus, but how would I know.

Every time I get a new program, its either a trogen because the virus checker says it is or its not.

Bgt stuff with their packed files are always false so I exclude them once I have the structure of the files.

Its why a lot of devs are moving to python probably helped by the fact nvda is written in it and everyone wants to see what it can do.

To be honest the only thing one can use is virustotal and I really wish I could have virustotal as my virus scanner of choice and protection system because it uses more than 1 source.

With fibre and the like it should be possible.

I have also had inconsistancies with scanners and with some scans.

Ie its protection scan says its not but its shield says it is.

Its not happened to me but I don't take risks, I do know people on some of my networks who need to make sure they always have a backup.

If something goes down and you don't know, system doesn't reboot, so you just make it boot and you know what I mean.

Point is, if my scanner of choice is so noisy, I'm going to have to do something about it.

That means excluding the programs from being scanned.

If I was a hacker, my first port of call would be the exclude list and see what is excluded and oh dear, there you go.

I don't have my backup drives on all day long but still.

Its a pitty there is no actual exclusion list for certain things, obviously a universal one would be to huge but, still.

There is of course the tear it all down and build it back up approach but its just about the only approach if it really goes.

I could say its not good enough but there you go.

Round and round and round we will go till one of us stops.

This topic and rant has graced many lists and forums, my blog, the blog a tech friend and I use and others.

The solution is that there isn't exactly one that really works we just have to keep dodging bullets and hoping we don't screw something up by excluding the wrong folder.

I for example will probably keep old nvda about so at least things will work and exclude it from being scanned just in case.

But its a poor solution.

I think its supposed to be fixed so lets hope it is.



On 8/02/2020 3:23 am, Brian Vogel wrote:
On Fri, Feb 7, 2020 at 05:04 AM, Quentin Christensen wrote:
If it wants to flag them as "suspicious because XYZ" (and give reasoning) that's one thing, but don't categorically assert it's a virus when you don't know that.
 
If they were to do that, many would ignore the warning (if they could).   This happens.  It will always happen.  Organizations such as NVAccess report (as do users) and it gets resolved.  The system isn't perfect, but I'd prefer the occasional false positive to a single false negative.

Someone such as yourself, Quentin, certainly knows that error messages of any sort are not typically very refined in what they present.  Ideally, they'd be a lot more descriptive and accurate, but I'm not holding my breath.
 
--

Brian - Windows 10 Pro, 64-Bit, Version 1909, Build 18363  

Power is being told you're not loved and not being destroyed by it.

       ~ Madonna

 

 

Join nvda@nvda.groups.io to automatically receive all group messages.