Re: Windows defender marking NVDA a trojan


i dont use cloud.
but security programs are not compatible with my system, makes various
problems, even i cant use my gmail!
i never trust and use them.
i sent my email again for you and i am waiting for your response and
chatting with you.
God bless you all!

On 2/10/20, Shaun Everiss <sm.everiss@...> wrote:
Hmmm again not a good idea to not use security at all unless you purely
use the cloud or something.

I never recieved any email from you though.

On 9/02/2020 9:29 pm, zahra wrote:
but i realy dont trust any security program and never use them.
i am waiting for your email, but did not recieve your reply.
did you recieve my email in the first days of new year?

On 2/9/20, Shaun Everiss <sm.everiss@...> wrote:
Hmmm I would really like some sort of antivirus/antimalware program that
you could add an exclude list to, and freely share it about.

In the list I would like:

1. the name of the file and where it came from, and also a reason why I
excluded it.

I would also like the program to scan all my excludes and then send the
files to various companies etc after testing them with say virustotal
and such and have them fixed in the rightt databases.

I'd actually like a virustotal protection and on demand scanner but
thats probably not possible.

There are various talking winpe disks about.

The easiest way to make the thing work for linux would to use something
ubuntu mate which is easy to use or something like grml/ debian in
command mode.

I've not actually managed to get many distros work out of the box.

On 9/02/2020 1:13 am, coffeekingms@... wrote:

I want to weigh in hear, a bit. I’m no security expert, at all, but I
see a couple of possible options hear. Are there any compatible ISO
images that can be put on a USB flash drive, windows and Linux, that
can be used to scan a drive, backup drives, etc for malware and remove
any that is found? Since we’re talking about exclusions, a way to
exclude false positives, and remove the negatives? I know virus
detection is complicated, and I don’t presume to have a perfect
solution, but it’s an option. Have whatever security software you
like, whichever works, but have a backup, that is separate from your
computer, so if gets infected by something nasty, you can boot
something self contained to work with. The images would have to be
accessible out of the box, without any setup needed, and I’m not sure
anything exists. I know for Linux there’s kali, bt I believe that’s
for penetration testing and the like. If not, I’d be happy to try to
put something together, if anyone is interested. Again, I’m not an
expert, and I’m not even sure how to do this but I’d be willing to
try. I’m not sure about the windows licensing and such, so it might
not be possible to put a windows based one together, but Linux is
another story. I’m not advocating Linux, but … oh hell. I don’t want
to start a flame war. Another option is to have backup software on a
flash drive that can run from a flash drive, but you’d need a
functioning system to run it.


Kendell Clark

Sent from Mail <> for
Windows 10

*From: *Shaun Everiss <mailto:sm.everiss@...>
*Sent: *Saturday, February 8, 2020 3:59 AM
*To: * <>
*Subject: *Re: [nvda] Windows defender marking NVDA a trojan

Using no security at all is dumb and stupid.

You should always have some of it.

A false negative means you get a virus and loose stuff.

Thats happened to one of my cousins ironically because he forgot to
update his norton subscription and he lost a lot of stuff, he had to
reformat to make the problem go away.

He couldn't do that himself and had to take the pc to somewhere to get
it fixed, it cost him a lot of cash.

While I am not against using security software in general I am
dissapointed and disheartened at the reasonable amount of noise in the

I know what the false positives are and what they are but unless I make
exclude lists for my software things will just get destroyed by the
software, don't use it and its worse.

But it depends what you do.

If you just use windows store apps, email via google, etc, chances are
you will be probably fine especially if everything is done in the cloud
as there is some protection there but its not perfect.

I wouldn't go about bragging you do not use security software as it is
very dangerous.

At the same time, it does concern me that every update of the so called
databases there is a chance that something else will be added to my
noisy scan data.

This means I need to lower my security by excluding things.

I do not at any way shape or form feel good about this but what else
I do.

And I far better be complaining about false alarms than getting a
I just wish things would get easier.

Something changed in the year 2003 which started us down the road of
security nightmare we are on now.

At first, a few programs, but by 2007 we were seeing noisier and
data and by 2012 it was really bad.

Since 2015 its plattoed at a point not going up or down which I guess
good, however I'd like it to go back to normal.

I shouldn't get any message from my security software unless I have a
virus and can decide on the action.

Instead I get told I have a virus which is either something new, old or
that has been working before.

Instead of running malwarebytes which I no longer have installed on any
of my systems and full scanns of windows security or others, I don't
scan at all bar a quick scan or so which is done automatically.

Back in the day I would regular do this.

But now my system is infested with a lot of viruses and I know that all
of them are false positives and they never change so I don't upgrade or

Well I don't use a thirdparty scanner, put it that way.

I started with sophos but it made sure to make all the viruses go away
screwing up my system.

It took me a great deal to reinstall windows from scratch and get
everything back.

The meaning of security software is to at least be a guide to security.

I am more insecure with security software so I have to force it to

At the same time I wouldn't go without it.

All those ransomware attacks, botnets and malwarebreaches are worse
any false positive.

Yet I really wish they would stop.

I manage a blog and a server on wordpress and do use security software.

And I havn't lost anything that wasn't supposed to be a problem, all my
files are there, no problem.

Yet in user computers companies think they can just do what they want.

On 8/02/2020 10:05 pm, zahra wrote:
false positive and false negative, are two of the main factors that i
never trust and never use security programs, antivirus, antimalware,
not sure about firewalls, but i never used and i am not familiar with
there method and the level of there reliability.
in the previous weeks, maybe in the first days of new year, i sent an
ofline email for you,
but unfortunately i did not recieve your reply and i am waiting for
your answer!
God bless you and thanks so much for your helpful replies as always.

On 2/8/20, Shaun Everiss <sm.everiss@...> wrote:
Just about every antimalware program has this false positive.

Kaspersky and a few others are supposed to be better.

Anyway what I actually said was that these programs at least some of
them detect more false than well who knows.

I have never got a virus in the last 10 years but I have got a lot of
false alarms.

Not sure about win8 etc, but yes you can exclude stuff you know is
not a

It would be good actually if you excluded the file you could report
your excluded files to the maker like microsoft and for each you
state what it was, etc and maybe get support on it.

The issue I have and maybe others, is that while some of the stuff we
know about, I spend more time stopping false alarms than actual
I am not sure if thats a good or bad thing but its certainly stopped
from getting any serious security software.

If windows defender and malwarebytes cause this much trouble with a
false positive, then I really don't want to know what a really good
antivirus will say.

But basically everything on your system is a potential virus
on the detections and stuff used.

And with the cloud based ai, I doubt that at the automated level
is much control.

If you tell them they will fix the issue but there is no reason to
it will stay fixed.

As a result all the false alarms make the display of the software
As I said, right now I have so many security holes in my computer
by so many folder excludes that if it wasn't for ransomware, I have
a mind to exclude my entire hard drive or even disable the windows
security subsystem.

However there is always the if factor so I don't.

I havn't run any full system scans in the last 10 years, and I havn't
run any malware software in the last 5 years simply because of this
With the so called inteligent stuff about bgt and maybe some older
software excluded, it seems that every software package needs a
certification id or something and while it would be nice to get one,
do wander if I could get one myself for the purpose that the software
have is not a problem or something.

I know some say I am just unlucky, but on all my other systems with
blind games, blind software and blind accessible programs there are
trogens at all and that in itself is a concern, no excludes on any
of my
other systems yet.

Maybe I may exclude nvda just because I am concerned but still, maybe
have over excluded because of all this going on.

On 8/02/2020 7:18 pm, zahra wrote:
did i understand it correctly?
i think that antivirus programs especially microsoft products,
scan the entire system and maybe remove our necessary and important
files even maybe nvda or even other files including html, docx,
and video files?
i remember that in one of the iranian websites,
someone recorded a tutorial which explained how to exclude our
folders from scanning by deffender.
his tutorial was for windows ten.
does windows deffender on windows 8 and 8.1 does the same things,
it may removes our essential and important files without worning or
informing us about this matter?

On 2/8/20, Shaun Everiss <sm.everiss@...> wrote:
Yeah some of that software uses autoit and that is known to make

At any rate its clunkey and slow as a language so I wouldn't bother
using programs written in it but you should be able to exclude
Yeah when microsoft security etc cleans things it turns user
control on at 33% by default.

On 8/02/2020 3:41 am, Ron Canazzi wrote:
Hi Quenton,

In addition, I always have Defender set to update to the latest
version. I have had odd issues with it in the past. If you are
familiar with Steve's Clock, Defender flagged that consistently.
after I allowed it under Defender settings, every time Windows
updates, it flags it again. I had to go into the settings and
manually exempt the Steve's clock folder from Defender scans. Even
then, it always brings up User Account Control when I run it. It
never comes up in start up--even though I have it set to run at
up. I have reported this to both the program developer and
with no change. I am glad that this isn't happening with NVDA
on my

On 2/7/2020 1:00 AM, Quentin Christensen wrote:
I believe this only affects Windows 10 at this stage? Perhaps
Rosemarie and Ron are using Windows 7? Or their Defender hasn't
updated to the latest definitions maybe?

On Fri, Feb 7, 2020 at 4:30 PM Ron Canazzi <aa2vm@...
<mailto:aa2vm@...>> wrote:

Hi Group,

I also do not have this issue with RC3.

On 2/7/2020 12:28 AM, Rosemarie Chavarria wrote:
Hi, Quentin,

I'm not having this problem on my system. I'm using
espeak but I
wonder if I should use something else just to be on the


*From:* <>
[] *On Behalf Of *Quentin
*Sent:* Thursday, February 6, 2020 8:14 PM
*To:* <>
*Subject:* [nvda] Windows defender marking NVDA a trojan

Hi folks,

It was NVDARemote the other week, now it seems it's our
turn for
Microsoft's random unfounded accusations. If you try to
the release candidate of NVDA 2019.3, Windows Defender
alert you it has found a trojan in eSpeak NG and blocked
The install of NVDA will fail.

As a workaround for now, you can create a portable copy
of the
RC and that should run fine. You won't be able to use

NVDA 2019.2.1 installs and runs fine, even using eSpeak
NG (it
uses a different build of eSpeak NG).

I am not sure whether this affects Windows 7 users as
well. I
have reported it to Microsoft but I would encourage
else to as well. To be honest, even aside from it being
program affected, this really annoys me. Defender has
NOT found
a trojan in eSpeak, its heuristic (machine learning) has
that it looks a bit suspicious and flagged it - Ok that
but say that, don't say absolutely that a known malicious
software has been found.

It took a day or so to fix Defender's virus list and have
NVDARemote cleared, so I expect it will probably be
within about
the same timeline this time around. Apologies for the


Quentin Christensen
Training and Support Manager

NVDA 2019.3 rc2 now available for testing:
Web: <>


User group:

Twitter: @NVAccess <>
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a
banana boat!"

Quentin Christensen
Training and Support Manager

NVDA 2019.3 rc2 now available for testing:
Web: <>
User group:
Twitter: @NVAccess <>
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"

By God,
were I given all the seven heavens
with all they contain
in order that
I may disobey God
by depriving an ant
from the husk of a grain of barley,
I would not do it.
imam ali

Join to automatically receive all group messages.