My antivirus deletes the CPS installer
My antivirus deletes the CPS installer
Windows 11 security is deleting the file as soon as I download it, stating there is a virus in the file.
I cannot bypass it, unfortunately it my business computer and it is managed by security folks.
This is new, in the past I had no issues. I downloaded the latest version from 01/22/2024. No way to install it.
Thanks
I cannot bypass it, unfortunately it my business computer and it is managed by security folks.
This is new, in the past I had no issues. I downloaded the latest version from 01/22/2024. No way to install it.
Thanks
Re: New CPS 2024 01 22
Its impossible to prevent the CPS being falsely flagged as a virus, as has been extensively discussed before
For how to set a folder as excluded from microsoft antivirus automatic deletion. See
https://support.microsoft.com/en-us/win ... 01afe13b26
If you use some other antivirus software, you will need to look at the documentation for that software
It should be noted that the CPS installer has been downloaded 1500+ times just for the latest version, and the false positive virus issue has been around for years, so the total number of successfull installtions will be many times greater than this number.
For how to set a folder as excluded from microsoft antivirus automatic deletion. See
https://support.microsoft.com/en-us/win ... 01afe13b26
If you use some other antivirus software, you will need to look at the documentation for that software
It should be noted that the CPS installer has been downloaded 1500+ times just for the latest version, and the false positive virus issue has been around for years, so the total number of successfull installtions will be many times greater than this number.
Re: New CPS 2024 01 22
I tried it, but some result, virus detection and automatic deletion.
Re: My antivirus deletes the CPS installer
Seems that some of the AV programmers have tweaked their AI algorithms again.
https://www.virustotal.com/gui/file/cf7 ... ?nocache=1
On windows 10 I was able to add "Trojan:Win32/Caynamer.A!ml" to Allowed Threats, have to test that on my Win11 laptop too.
https://www.virustotal.com/gui/file/cf7 ... ?nocache=1
On windows 10 I was able to add "Trojan:Win32/Caynamer.A!ml" to Allowed Threats, have to test that on my Win11 laptop too.
Re: My antivirus deletes the CPS installer
This can be avoided by adding an exception to windows antivirus, to the folder or to the file... Up to you.W1CY wrote: ↑Tue Feb 13, 2024 1:45 amWindows 11 security is deleting the file as soon as I download it, stating there is a virus in the file.
I cannot bypass it, unfortunately it my business computer and it is managed by security folks.
This is new, in the past I had no issues. I downloaded the latest version from 01/22/2024. No way to install it.
Thanks
Re: My antivirus deletes the CPS installer
This is the best optionEA3BIL wrote: ↑Tue Feb 13, 2024 3:42 pmThis can be avoided by adding an exception to windows antivirus, to the folder or to the file... Up to you.W1CY wrote: ↑Tue Feb 13, 2024 1:45 amWindows 11 security is deleting the file as soon as I download it, stating there is a virus in the file.
I cannot bypass it, unfortunately it my business computer and it is managed by security folks.
This is new, in the past I had no issues. I downloaded the latest version from 01/22/2024. No way to install it.
Thanks
Make a quarantine folder, download into that folder and install from the folder
Re: My antivirus deletes the CPS installer
VK3KYY wrote: ↑Tue Feb 13, 2024 8:11 pmThis is the best optionEA3BIL wrote: ↑Tue Feb 13, 2024 3:42 pmThis can be avoided by adding an exception to windows antivirus, to the folder or to the file... Up to you.W1CY wrote: ↑Tue Feb 13, 2024 1:45 amWindows 11 security is deleting the file as soon as I download it, stating there is a virus in the file.
I cannot bypass it, unfortunately it my business computer and it is managed by security folks.
This is new, in the past I had no issues. I downloaded the latest version from 01/22/2024. No way to install it.
Thanks
Make a quarantine folder, download into that folder and install from the folder
I was surprised by this unexpected behaviour by W10Pro64b and after a few slapping to Google Chrome, I realised issue came from Windows antivirus so, I set the exception to the folder in where I download OpenGD77 files and problem "Gone with the wind"...
Re: My antivirus deletes the CPS installer
This problem is possibly becasue I set the installer exe to encrypted and M$ does not like that they can no longer inspect inside the installer becuase the antivirus does not know the password
I use InnoSetup https://jrsoftware.org/isinfo.php to make the installer, and it seems almost an empty installer file is flagged by some antivirus as a problem
If you want to try to run the installer youself, I can post the config file, and then perhaps see whether VirusTotal still shows the installer as being a virus
IMO its crazy that if a file is indentified as containing a virus my one antivirus, then it should be identified by most antivirus, but VirusTotal show conflicting results, with most antivirus programs finding no problems
Edit. I just uploaded the CPS main exe to virustotal and I only 4 say its got a virus
https://www.virustotal.com/gui/file/648 ... ?nocache=1
and they all disagree about what the virus is
i.e
LOL.
So SecureAge just think its bad without saying precisely what they think is wrong with it
SecureAge say basiclly the same thing
MaxSecure think its one type of trojan
and Bkav Pro think its something else
I looked up W32.AIDetectMalware.CS and its defined as
The same with MaxSecure, becuase "susgen" means
So. I thought I'd check the official TYT CPS
https://www.virustotal.com/gui/file/b40 ... a05009a044
It fails
Same with the official TYT firmware loader
https://www.virustotal.com/gui/file/de1 ... 314ae364c7
I use InnoSetup https://jrsoftware.org/isinfo.php to make the installer, and it seems almost an empty installer file is flagged by some antivirus as a problem
If you want to try to run the installer youself, I can post the config file, and then perhaps see whether VirusTotal still shows the installer as being a virus
IMO its crazy that if a file is indentified as containing a virus my one antivirus, then it should be identified by most antivirus, but VirusTotal show conflicting results, with most antivirus programs finding no problems
Edit. I just uploaded the CPS main exe to virustotal and I only 4 say its got a virus
https://www.virustotal.com/gui/file/648 ... ?nocache=1
and they all disagree about what the virus is
i.e
- Bkav Pro:W32.AIDetectMalware.CS
- MaxSecure:Trojan.Malware.300983.susgen
- SecureAge:Malicious
- TEHTRIS:Generic.Malware
Code: Select all
LOL.
So SecureAge just think its bad without saying precisely what they think is wrong with it
SecureAge say basiclly the same thing
MaxSecure think its one type of trojan
and Bkav Pro think its something else
I looked up W32.AIDetectMalware.CS and its defined as
i.e This is not a specific type, its just that the "AI" didn't like the smell of itW32.AIDetectMalware is a heuristic detection designed to generically detect a Trojan Horse.
The same with MaxSecure, becuase "susgen" means
i.e All of these are becasue its not possible to crypographically sign this file because its not a commercial file linked to a company(Suspicious of generator)
So. I thought I'd check the official TYT CPS
https://www.virustotal.com/gui/file/b40 ... a05009a044
It fails
Same with the official TYT firmware loader
https://www.virustotal.com/gui/file/de1 ... 314ae364c7
Re: My antivirus deletes the CPS installer
if it's generated by the installer itself the one can try to use a different installer (NSIS).
or just ditch M$$$$ and go linux, but CPS needs to be ported somehow. (is it opensource?)
or just ditch M$$$$ and go linux, but CPS needs to be ported somehow. (is it opensource?)