Topics

Windows defender marking NVDA a trojan

Quentin Christensen
 

Hi folks,

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

--
Quentin Christensen
Training and Support Manager


Jaffar Sidek
 

Hi Quentin.  I didn't encounter such an issue.  However, I do have an alternative work around for this issue.  Since this problem arises from Windows security, then it should be dealt with at the root., so here goes.

1.  Open up windows security.

2. Arrow down to "Virus and Threat Protection" and pres space bar on it.

3. tab to "Manage Settings" link and press the space bar on it.

4. tab over to "Add Or Remove Exclusions Link" and press space bar on it.  You will land on the "Add an exclusion" button.  Press space bar on it.


5. Now you will land on the list of Items you are allowed to exclude, the "Files" item is top of the list.  Press space bar on it.

6.  Now a browse dialog box will come up.  Browse to where you have your NVDA.exe saved, then tab to the "File Name" edit box and press enter, or just press enter when you have found NVDA.exe.

Now, you might want to ensure that the NVDA Folder on your hard drive is also excluded from Windows Securities's black list after you installed it.  Follow the same procedure, only this time selecting "Folders" for the exclusion procedure.  That item comes after "Files"  HTH.  Cheers!


On 7/2/2020 12:13 pm, Quentin Christensen wrote:
Hi folks,

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

--
Quentin Christensen
Training and Support Manager


Rosemarie Chavarria
 

Hi, Quentin,

 

I'm not having this problem on my system. I'm using espeak but I wonder if I should use something else just to be on the safe side.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 8:14 PM
To: nvda@nvda.groups.io
Subject: [nvda] Windows defender marking NVDA a trojan

 

Hi folks,

 

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

 

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

 

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

 

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

 

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

 

--

Quentin Christensen
Training and Support Manager

 

 

Ron Canazzi
 

Hi Group,

I also do not have this issue with RC3.


On 2/7/2020 12:28 AM, Rosemarie Chavarria wrote:

Hi, Quentin,

 

I'm not having this problem on my system. I'm using espeak but I wonder if I should use something else just to be on the safe side.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 8:14 PM
To: nvda@nvda.groups.io
Subject: [nvda] Windows defender marking NVDA a trojan

 

Hi folks,

 

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

 

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

 

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

 

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

 

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

 

--

Quentin Christensen
Training and Support Manager

 

 


-- 
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"

Quentin Christensen
 

I believe this only affects Windows 10 at this stage?  Perhaps Rosemarie and Ron are using Windows 7?  Or their Defender hasn't updated to the latest definitions maybe?


On Fri, Feb 7, 2020 at 4:30 PM Ron Canazzi <aa2vm@...> wrote:
Hi Group,

I also do not have this issue with RC3.


On 2/7/2020 12:28 AM, Rosemarie Chavarria wrote:

Hi, Quentin,

 

I'm not having this problem on my system. I'm using espeak but I wonder if I should use something else just to be on the safe side.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 8:14 PM
To: nvda@nvda.groups.io
Subject: [nvda] Windows defender marking NVDA a trojan

 

Hi folks,

 

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

 

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

 

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

 

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

 

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

 

--

Quentin Christensen
Training and Support Manager

 

 


-- 
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"



--
Quentin Christensen
Training and Support Manager


Rosemarie Chavarria
 

Hi, Quentin,

 

I'm on a windows 10 computer and I'm not having this issue.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 10:00 PM
To: nvda@nvda.groups.io
Subject: Re: [nvda] Windows defender marking NVDA a trojan

 

I believe this only affects Windows 10 at this stage?  Perhaps Rosemarie and Ron are using Windows 7?  Or their Defender hasn't updated to the latest definitions maybe?

 

On Fri, Feb 7, 2020 at 4:30 PM Ron Canazzi <aa2vm@...> wrote:

Hi Group,

I also do not have this issue with RC3.

On 2/7/2020 12:28 AM, Rosemarie Chavarria wrote:

Hi, Quentin,

 

I'm not having this problem on my system. I'm using espeak but I wonder if I should use something else just to be on the safe side.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 8:14 PM
To: nvda@nvda.groups.io
Subject: [nvda] Windows defender marking NVDA a trojan

 

Hi folks,

 

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

 

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

 

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

 

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

 

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

 

--

Quentin Christensen
Training and Support Manager

 

 



-- 
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"


 

--

Quentin Christensen
Training and Support Manager

 

 

Quentin Christensen
 

I got an automated email back from Microsoft saying they'd concluded the file was not malware.  Hopefully that resolution filters through fairly quickly.

My system is still flagging the file as malicious even though I've tried updating the virus definitions.

On Fri, Feb 7, 2020 at 5:03 PM Rosemarie Chavarria <knitqueen2007@...> wrote:

Hi, Quentin,

 

I'm on a windows 10 computer and I'm not having this issue.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 10:00 PM
To: nvda@nvda.groups.io
Subject: Re: [nvda] Windows defender marking NVDA a trojan

 

I believe this only affects Windows 10 at this stage?  Perhaps Rosemarie and Ron are using Windows 7?  Or their Defender hasn't updated to the latest definitions maybe?

 

On Fri, Feb 7, 2020 at 4:30 PM Ron Canazzi <aa2vm@...> wrote:

Hi Group,

I also do not have this issue with RC3.

On 2/7/2020 12:28 AM, Rosemarie Chavarria wrote:

Hi, Quentin,

 

I'm not having this problem on my system. I'm using espeak but I wonder if I should use something else just to be on the safe side.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 8:14 PM
To: nvda@nvda.groups.io
Subject: [nvda] Windows defender marking NVDA a trojan

 

Hi folks,

 

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

 

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

 

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

 

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

 

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

 

--

Quentin Christensen
Training and Support Manager

 

 



-- 
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"


 

--

Quentin Christensen
Training and Support Manager

 

 



--
Quentin Christensen
Training and Support Manager


Ian Blackburn
 

I’m on Windows 10 computer and the same
I update every day for all the updates and I’m running the latest version of release candidate
It went on fine thank you


On 7 Feb 2020, at 2:04 pm, Rosemarie Chavarria <knitqueen2007@...> wrote:



Hi, Quentin,

 

I'm on a windows 10 computer and I'm not having this issue.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 10:00 PM
To: nvda@nvda.groups.io
Subject: Re: [nvda] Windows defender marking NVDA a trojan

 

I believe this only affects Windows 10 at this stage?  Perhaps Rosemarie and Ron are using Windows 7?  Or their Defender hasn't updated to the latest definitions maybe?

 

On Fri, Feb 7, 2020 at 4:30 PM Ron Canazzi <aa2vm@...> wrote:

Hi Group,

I also do not have this issue with RC3.

On 2/7/2020 12:28 AM, Rosemarie Chavarria wrote:

Hi, Quentin,

 

I'm not having this problem on my system. I'm using espeak but I wonder if I should use something else just to be on the safe side.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 8:14 PM
To: nvda@nvda.groups.io
Subject: [nvda] Windows defender marking NVDA a trojan

 

Hi folks,

 

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

 

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

 

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

 

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

 

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

 

--

Quentin Christensen
Training and Support Manager

 

 



-- 
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"


 

--

Quentin Christensen
Training and Support Manager

 

 

Ian Blackburn
 

Also get the person to check the database update for defender if you check your computer more than once a day you can get up to 3 versions of that database Each day


On 7 Feb 2020, at 2:04 pm, Rosemarie Chavarria <knitqueen2007@...> wrote:



Hi, Quentin,

 

I'm on a windows 10 computer and I'm not having this issue.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 10:00 PM
To: nvda@nvda.groups.io
Subject: Re: [nvda] Windows defender marking NVDA a trojan

 

I believe this only affects Windows 10 at this stage?  Perhaps Rosemarie and Ron are using Windows 7?  Or their Defender hasn't updated to the latest definitions maybe?

 

On Fri, Feb 7, 2020 at 4:30 PM Ron Canazzi <aa2vm@...> wrote:

Hi Group,

I also do not have this issue with RC3.

On 2/7/2020 12:28 AM, Rosemarie Chavarria wrote:

Hi, Quentin,

 

I'm not having this problem on my system. I'm using espeak but I wonder if I should use something else just to be on the safe side.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 8:14 PM
To: nvda@nvda.groups.io
Subject: [nvda] Windows defender marking NVDA a trojan

 

Hi folks,

 

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

 

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

 

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

 

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

 

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

 

--

Quentin Christensen
Training and Support Manager

 

 



-- 
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"


 

--

Quentin Christensen
Training and Support Manager

 

 

 

eSpeak NG was indeed blocked on my computer, while I had already installed NVDA. I suddenly had no more speech and had to switch to the sapi 5 version of eSpeak. after I allowed eSpeak NG in defender, everything worked again.

Kind regards,
Artin Dekker

Op 7-2-2020 om 05:13 schreef Quentin Christensen:

Hi folks,

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

--
Quentin Christensen
Training and Support Manager


 

Hmph.

Really, is this another thing we report to microsoft, or do I just exclude all the nvda program directories and settings directories like I do with all the blindness software which aparently are trogens because microsoft says so <sigh>

Seriously, we need to address this either by excluding things or something.

Else I can see a day where I will just have to run without antivirus software on all my computers that use nvda and thats just dumb.

But I guess  its being safe and secure or accessible.

Maybe I will temperarilly set nvda to sapi when I install and upgrade it.

Espeak ng version I am using now is not a virus so it must do with the version we are using in the full version.

For the time being I suggest we include the old espeak ng that is running in 19.2.1 and leave it like that and tell microsoft to fix their stuff.

Bgt I can understand, but come on now, screen reader software?

And people wander why I don't invest in good security software.

I'm going to keep a copy of 19.2.1 about when I set things up till I can exclude all the folders I need so I don't have this problem.

Seriously, can someone please try to fix this before the release?

Seriously without the sarchasm in here, this needs to get fixed as soon as possible else we may as well not bother releasing till it is.

I allready can't really run malwarebytes because my computer is so full of false trogens I may as well not bother with any security.

Its a good thing I don't need to.

We almost need a list of software that shouldn't be scanned.

Thats actually bad but I see no real way to solve any of these things.



On 7/02/2020 8:33 pm, Artin Dekker wrote:

eSpeak NG was indeed blocked on my computer, while I had already installed NVDA. I suddenly had no more speech and had to switch to the sapi 5 version of eSpeak. after I allowed eSpeak NG in defender, everything worked again.

Kind regards,
Artin Dekker

Op 7-2-2020 om 05:13 schreef Quentin Christensen:
Hi folks,

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

--
Quentin Christensen
Training and Support Manager


 

I am not having this issue either and I have the latest update to the database but I am running 19.2.1.



On 7/02/2020 7:39 pm, Ian Blackburn wrote:
Also get the person to check the database update for defender if you check your computer more than once a day you can get up to 3 versions of that database Each day


On 7 Feb 2020, at 2:04 pm, Rosemarie Chavarria <knitqueen2007@...> wrote:



Hi, Quentin,

 

I'm on a windows 10 computer and I'm not having this issue.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 10:00 PM
To: nvda@nvda.groups.io
Subject: Re: [nvda] Windows defender marking NVDA a trojan

 

I believe this only affects Windows 10 at this stage?  Perhaps Rosemarie and Ron are using Windows 7?  Or their Defender hasn't updated to the latest definitions maybe?

 

On Fri, Feb 7, 2020 at 4:30 PM Ron Canazzi <aa2vm@...> wrote:

Hi Group,

I also do not have this issue with RC3.

On 2/7/2020 12:28 AM, Rosemarie Chavarria wrote:

Hi, Quentin,

 

I'm not having this problem on my system. I'm using espeak but I wonder if I should use something else just to be on the safe side.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 8:14 PM
To: nvda@nvda.groups.io
Subject: [nvda] Windows defender marking NVDA a trojan

 

Hi folks,

 

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

 

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

 

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

 

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

 

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

 

--

Quentin Christensen
Training and Support Manager

 

 



-- 
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"


 

--

Quentin Christensen
Training and Support Manager

 

 

 

Is there any way we can present all the stuff which is being detect as a virus or something to the industry or someone and tell them its not?

Bgt programs are well known, a few older programs, and the like.

However this starts getting serious when a lot of our stuff is misreported.

It seems that all accessible software is some sort of virus I know some are not as sinicle as me, but on the systems I admin with only the screen reader on them, no virus issues here I have so much false malware I can't even run a scan.

Its nice that something is automatically detecting the latest threat, but so many false possitives.

I know if it happens to some big companies they threaten to sue and the problem suddenly stops.

But I see no way to directly contact all these companies and say enough is enough.

The only way to fix this is work round it.

That means more places malware could potentially go.

Not a good solution.


What is really needed, is to have someone look at all these misdetections and see why its happening.

Its not just microsoft and malwarebytes its just about every engine from avg to antivir, to avast, to norton, to just about everything else.

So everyone must be using some sort of database from some source.

As a user I can exclude things which bypasses the problem but I don't feel good about doing that.

Neither do I feel good about having to reload something because of a issue that is not mine either.

But I'm just a user that barely understands some of the software just that it works.

This issue has plagued me and a few others I know for years.

This rant and ramble comes up every year.

Somewhere someone will mention it, either here, a forum, an email to me or a blog post and I say the same things.

Nothing gets done or can be done maybe?

Every time I ask questions but get no answers.

As A user I would vary much like to do something about it.

But what can I do.

Well report the file but if they are bigger than allowed report, and to send it to the cloud it just gets canned, hmm.

The only solution I can see is get someone to remote in and show them all the files I have excluded and why, but um, I don't know how to go about it.

Support desk is full of scripted drones.

I wouldn't trust them with my computer not after last year anyway.






On 7/02/2020 7:36 pm, Quentin Christensen wrote:
I got an automated email back from Microsoft saying they'd concluded the file was not malware.  Hopefully that resolution filters through fairly quickly.

My system is still flagging the file as malicious even though I've tried updating the virus definitions.

On Fri, Feb 7, 2020 at 5:03 PM Rosemarie Chavarria <knitqueen2007@...> wrote:

Hi, Quentin,

 

I'm on a windows 10 computer and I'm not having this issue.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 10:00 PM
To: nvda@nvda.groups.io
Subject: Re: [nvda] Windows defender marking NVDA a trojan

 

I believe this only affects Windows 10 at this stage?  Perhaps Rosemarie and Ron are using Windows 7?  Or their Defender hasn't updated to the latest definitions maybe?

 

On Fri, Feb 7, 2020 at 4:30 PM Ron Canazzi <aa2vm@...> wrote:

Hi Group,

I also do not have this issue with RC3.

On 2/7/2020 12:28 AM, Rosemarie Chavarria wrote:

Hi, Quentin,

 

I'm not having this problem on my system. I'm using espeak but I wonder if I should use something else just to be on the safe side.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 8:14 PM
To: nvda@nvda.groups.io
Subject: [nvda] Windows defender marking NVDA a trojan

 

Hi folks,

 

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

 

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

 

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

 

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

 

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

 

--

Quentin Christensen
Training and Support Manager

 

 



-- 
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"


 

--

Quentin Christensen
Training and Support Manager

 

 



--
Quentin Christensen
Training and Support Manager


 

Well ms has stopped updating win7 deffs now officially so it won't effect it.

As usual microsoft targets blindness software, I have exclusions for games, recorders and it seems now I will have to do the same to my screen readers and maybe sapi voices?

At this rate I may as well exclude my entire c drive!

How can we the user be secure if we get so many false alarms.



On 7/02/2020 5:13 pm, Quentin Christensen wrote:
Hi folks,

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

--
Quentin Christensen
Training and Support Manager


Quentin Christensen
 

In fairness I don't think they targeted anything, I think it was just an over-zealous algorithm flagging something that didn't fit its model of how the world should be.  That's as it is, what I can't forgive, is Microsoft asserting that flat out that it was a known malicious trojan, when it was no such thing.

If it wants to flag them as "suspicious because XYZ" (and give reasoning) that's one thing, but don't categorically assert it's a virus when you don't know that.

I just reinstalled RC3 and Defender seems to be behaving again now.

Regards

Quentin.

On Fri, Feb 7, 2020 at 7:29 PM Shaun Everiss <sm.everiss@...> wrote:

Well ms has stopped updating win7 deffs now officially so it won't effect it.

As usual microsoft targets blindness software, I have exclusions for games, recorders and it seems now I will have to do the same to my screen readers and maybe sapi voices?

At this rate I may as well exclude my entire c drive!

How can we the user be secure if we get so many false alarms.



On 7/02/2020 5:13 pm, Quentin Christensen wrote:
Hi folks,

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

--
Quentin Christensen
Training and Support Manager




--
Quentin Christensen
Training and Support Manager


 

Hmmm its interesting, I read a lot of articles after I posted this.

A lot were outdated, but it seems that the culprets seem to be this huristic stuff, detecting stuff which are not there.

So if you detect bad stuff you occasionally get ghosts.

Sadly a lot of antimalware things get this, some stuff is better than others.

However most of the time no one really makes much noise.

Maybe they can't.

From time to time a big company will challenge another at which point the other usually backs down and the matter is forgotten till next time.

As users I do feel that we are quite powerless though to stop it and I have heard horror stories.

Excluding a lot of drives and files is really not good, but neither is accepting everything at face  value.

Its also why I do not install or run better security software.

The most important thing apart from access is if I can access its exclusion dialog and this really shouldn't be the case.



On 7/02/2020 11:04 pm, Quentin Christensen wrote:
In fairness I don't think they targeted anything, I think it was just an over-zealous algorithm flagging something that didn't fit its model of how the world should be.  That's as it is, what I can't forgive, is Microsoft asserting that flat out that it was a known malicious trojan, when it was no such thing.

If it wants to flag them as "suspicious because XYZ" (and give reasoning) that's one thing, but don't categorically assert it's a virus when you don't know that.

I just reinstalled RC3 and Defender seems to be behaving again now.

Regards

Quentin.

On Fri, Feb 7, 2020 at 7:29 PM Shaun Everiss <sm.everiss@...> wrote:

Well ms has stopped updating win7 deffs now officially so it won't effect it.

As usual microsoft targets blindness software, I have exclusions for games, recorders and it seems now I will have to do the same to my screen readers and maybe sapi voices?

At this rate I may as well exclude my entire c drive!

How can we the user be secure if we get so many false alarms.



On 7/02/2020 5:13 pm, Quentin Christensen wrote:
Hi folks,

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

--
Quentin Christensen
Training and Support Manager




--
Quentin Christensen
Training and Support Manager


luigi
 

Hello,

 

Thank you for this information, i will downgrade to nvda2019.2.1. Hopefully it will not affect the french voice of espeak.

 

Provenance : Courrier pour Windows 10

 

On Fri, Feb 7, 2020 at 05:04 AM, Quentin Christensen wrote:
If it wants to flag them as "suspicious because XYZ" (and give reasoning) that's one thing, but don't categorically assert it's a virus when you don't know that.
 
If they were to do that, many would ignore the warning (if they could).   This happens.  It will always happen.  Organizations such as NVAccess report (as do users) and it gets resolved.  The system isn't perfect, but I'd prefer the occasional false positive to a single false negative.

Someone such as yourself, Quentin, certainly knows that error messages of any sort are not typically very refined in what they present.  Ideally, they'd be a lot more descriptive and accurate, but I'm not holding my breath.
 
--

Brian - Windows 10 Pro, 64-Bit, Version 1909, Build 18363  

Power is being told you're not loved and not being destroyed by it.

       ~ Madonna

 

 

 

I retweeted NV Access's tweet about this because I couldn't find a good email to, well, email. I'm pretty sure this will get fixed before release, though. Still, I hope all report this error to Microsoft in some way anyway.

Ron Canazzi
 

Hi Quenton,

I am using Windows 10 on all my systems.  Windows Defender is my default anti virus.  I do have Malware bytes on two systems as well.  I am not seeing this issue at all.



On 2/7/2020 1:00 AM, Quentin Christensen wrote:
I believe this only affects Windows 10 at this stage?  Perhaps Rosemarie and Ron are using Windows 7?  Or their Defender hasn't updated to the latest definitions maybe?

On Fri, Feb 7, 2020 at 4:30 PM Ron Canazzi <aa2vm@...> wrote:
Hi Group,

I also do not have this issue with RC3.


On 2/7/2020 12:28 AM, Rosemarie Chavarria wrote:

Hi, Quentin,

 

I'm not having this problem on my system. I'm using espeak but I wonder if I should use something else just to be on the safe side.

 

Rosemarie

 

 

 

From: nvda@nvda.groups.io [mailto:nvda@nvda.groups.io] On Behalf Of Quentin Christensen
Sent: Thursday, February 6, 2020 8:14 PM
To: nvda@nvda.groups.io
Subject: [nvda] Windows defender marking NVDA a trojan

 

Hi folks,

 

It was NVDARemote the other week, now it seems it's our turn for Microsoft's random unfounded accusations.  If you try to install the release candidate of NVDA 2019.3, Windows Defender will alert you it has found a trojan in eSpeak NG and blocked it.  The install of NVDA will fail.

 

As a workaround for now, you can create a portable copy of the RC and that should run fine.  You won't be able to use eSpeak NG.

 

NVDA 2019.2.1 installs and runs fine, even using eSpeak NG (it uses a different build of eSpeak NG).

 

I am not sure whether this affects Windows 7 users as well.  I have reported it to Microsoft but I would encourage everyone else to as well.  To be honest, even aside from it being our program affected, this really annoys me.  Defender has NOT found a trojan in eSpeak, its heuristic (machine learning) has guessed that it looks a bit suspicious and flagged it - Ok that happens, but say that, don't say absolutely that a known malicious software has been found.

 

It took a day or so to fix Defender's virus list and have NVDARemote cleared, so I expect it will probably be within about the same timeline this time around.  Apologies for the inconvenience.

 

--

Quentin Christensen
Training and Support Manager

 

 


-- 
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"


--
Quentin Christensen
Training and Support Manager



-- 
They Ask Me If I'm Happy; I say Yes.
They ask: "How Happy are You?"
I Say: "I'm as happy as a stow away chimpanzee on a banana boat!"