My antivirus deletes the CPS installer

[W1CY]

Windows 11 security is deleting the file as soon as I download it, stating there is a virus in the file.
I cannot bypass it, unfortunately it my business computer and it is managed by security folks.

This is new, in the past I had no issues. I downloaded the latest version from 01/22/2024. No way to install it.
Thanks

[W1CY]

I am unable to download. Is always flagged as virus and I am never prompted for password. Not sure what I'm doing wrong.

Exact the same here, the file is erased in 1 micro second as containing a virus.

[VK3KYY]

Its impossible to prevent the CPS being falsely flagged as a virus, as has been extensively discussed before

For how to set a folder as excluded from microsoft antivirus automatic deletion. See

https://support.microsoft.com/en-us/win ... 01afe13b26



If you use some other antivirus software, you will need to look at the documentation for that software

It should be noted that the CPS installer has been downloaded 1500+ times just for the latest version, and the false positive virus issue has been around for years, so the total number of successfull installtions will be many times greater than this number.

[W1CY]

I am unable to download. Is always flagged as virus and I am never prompted for password. Not sure what I'm doing wrong.

Have you tried

downloads/PC_CPS/Latest/

I tried it, but some result, virus detection and automatic deletion.

[SA0BUX]

Seems that some of the AV programmers have tweaked their AI algorithms again.

https://www.virustotal.com/gui/file/cf7 ... ?nocache=1

On windows 10 I was able to add "Trojan:Win32/Caynamer.A!ml" to Allowed Threats, have to test that on my Win11 laptop too.

[EA3BIL]

Windows 11 security is deleting the file as soon as I download it, stating there is a virus in the file.
I cannot bypass it, unfortunately it my business computer and it is managed by security folks.

This is new, in the past I had no issues. I downloaded the latest version from 01/22/2024. No way to install it.
Thanks

This can be avoided by adding an exception to windows antivirus, to the folder or to the file... Up to you.

[VK3KYY]

Windows 11 security is deleting the file as soon as I download it, stating there is a virus in the file.
I cannot bypass it, unfortunately it my business computer and it is managed by security folks.

This is new, in the past I had no issues. I downloaded the latest version from 01/22/2024. No way to install it.
Thanks

This can be avoided by adding an exception to windows antivirus, to the folder or to the file... Up to you.

This is the best option

Make a quarantine folder, download into that folder and install from the folder

[EA3BIL]

Windows 11 security is deleting the file as soon as I download it, stating there is a virus in the file.
I cannot bypass it, unfortunately it my business computer and it is managed by security folks.

This is new, in the past I had no issues. I downloaded the latest version from 01/22/2024. No way to install it.
Thanks

This can be avoided by adding an exception to windows antivirus, to the folder or to the file... Up to you.

This is the best option

Make a quarantine folder, download into that folder and install from the folder

I was surprised by this unexpected behaviour by W10Pro64b and after a few slapping to Google Chrome, I realised issue came from Windows antivirus so, I set the exception to the folder in where I download OpenGD77 files and problem "Gone with the wind"...

[VK3KYY]

This problem is possibly becasue I set the installer exe to encrypted and M$ does not like that they can no longer inspect inside the installer becuase the antivirus does not know the password

I use InnoSetup https://jrsoftware.org/isinfo.php to make the installer, and it seems almost an empty installer file is flagged by some antivirus as a problem

If you want to try to run the installer youself, I can post the config file, and then perhaps see whether VirusTotal still shows the installer as being a virus

IMO its crazy that if a file is indentified as containing a virus my one antivirus, then it should be identified by most antivirus, but VirusTotal show conflicting results, with most antivirus programs finding no problems

Edit. I just uploaded the CPS main exe to virustotal and I only 4 say its got a virus

https://www.virustotal.com/gui/file/648 ... ?nocache=1

and they all disagree about what the virus is

i.e

• Bkav Pro:W32.AIDetectMalware.CS
• MaxSecure:Trojan.Malware.300983.susgen
• SecureAge:Malicious
• TEHTRIS:Generic.Malware

Code: Select all

LOL.

So SecureAge just think its bad without saying precisely what they think is wrong with it
SecureAge say basiclly the same thing
MaxSecure think its one type of trojan
and Bkav Pro think its something else


I looked up W32.AIDetectMalware.CS and its defined as

W32.AIDetectMalware is a heuristic detection designed to generically detect a Trojan Horse.

i.e This is not a specific type, its just that the "AI" didn't like the smell of it

The same with MaxSecure, becuase "susgen" means

(Suspicious of generator)

i.e All of these are becasue its not possible to crypographically sign this file because its not a commercial file linked to a company


So. I thought I'd check the official TYT CPS

https://www.virustotal.com/gui/file/b40 ... a05009a044

It fails

Same with the official TYT firmware loader

https://www.virustotal.com/gui/file/de1 ... 314ae364c7

[YO3IDG]

if it's generated by the installer itself the one can try to use a different installer (NSIS).

or just ditch M$$$$ and go linux, but CPS needs to be ported somehow. (is it opensource?)