Jump to content

Photo

Windows Defender False Flags


  • Please log in to reply
10 replies to this topic

#1 Timelord

Timelord

    The Timelord

  • Banned
  • Location:Prydon Academy

Posted 05 April 2019 - 12:34 AM

This is a simple notification that Windows Defender is an absolute pile of rubbish, in the event that anyone is unaware.

 

If it gives a report on ZQuest, or ZC, it's a false positive flag. We've tried many times to get MS to look into this, but their support form is broken, and they refuse to give it, or to give a damn about supporting non-paid developers.

 

if you use Windows Defender (why?) you will need to make manual exceptions for ZC, and to manually undelete it. This occurs in random sweeps that WD performs, and may or may not happen depending on your definitions, the phase of the moon, and the conjunction of the planets.

 

Here's why MS doesn't give a £&$* about whitelisting programmes such as ZC. We aren't the only ones with this issue.

 

Further, he is my report to MS, regarding their broken submission form. Nice response from them; eh?

 

t/l/d/r

Basically, there is no method of submitting a file as a developer, other than via this form; and the form has been broken for over a year. Reports that the form is broken, get responses telling people to use the form.

 

Scans of ZC, ZQuest, and the related content all pass on other scanners, including heuristic analysis done by a third-party analysis company. (You can submit files for analysis manually, to various companies, and we've done this.)

 

If you encounter this issue with any other scanner, please let us know so that we can attempt to get ZC white-flagged in their definitions. Most companies that specialise in security software actually care if their software is right. Microsoft do not, because it's in their interest to squish small developers, particularly open-source software developers, and non-commercial software.

 

 


  • ShadowTiger likes this

#2 cbailey78

cbailey78

    Initiate

  • Members

Posted 06 February 2020 - 10:09 PM

It pisses me off that McAfee is quarantining "Zelda Classic" as a supposed "Virus", When I wanna play ZC only to find that it is not in it's directory and I have to go into McAfee quarantine center and restore ZC so I can play it.  I cannot find any way to exclude or mark ZC as Safe.



#3 Peteo

Peteo

    Back in Business!

  • Members
  • Real Name:Pete
  • Location:Finland

Posted 07 February 2020 - 07:38 AM

Didn't notice this topic until now, but I'll post this here as well:

 

 

 

"The file E:\ZC 2.55 Alpha 47\zelda.exe is infected with Gen:Variant.Graftor.683546 and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean."

 

I'm using Bitdefender, and seems like Bitdefender doesn't like ZC either.



#4 Avaro

Avaro

    o_o

  • Members
  • Real Name:Robin
  • Location:Germany

Posted 09 February 2020 - 09:53 AM

Commodo Internet Security doesnt like it either.

 

Lately, the issues with antivirus programs have been getting more frequent for everyone. There must be something wrong with the new ZC versions


Edited by Avaro, 09 February 2020 - 09:53 AM.


#5 Timelord

Timelord

    The Timelord

  • Banned
  • Location:Prydon Academy

Posted 27 April 2020 - 05:44 AM

Didn't notice this topic until now, but I'll post this here as well:

 

 

I'm using Bitdefender, and seems like Bitdefender doesn't like ZC either.

 

 

Commodo Internet Security doesnt like it either.

 

Lately, the issues with antivirus programs have been getting more frequent for everyone. There must be something wrong with the new ZC versions

 

 

Please let us know the version of ZC that triggered these, and the Alpha/Beta ID of it, so that we can try to detect what code changes may be triggering them.

 

We have limited options, but in the next few months I want to try changing compilers from MSVC to g++, to see if it makes a difference. (I have started this process, but it is not as simple as it sounds.)

 

Knowing if only specific builds and versions do this, as well as if it is flagging the main binaries (zelda.exe, zquest.exe), and/or the binaries inside the path ./upx, is very helpful. (We provide UPX packed binaries as some scanners like those, and other like the unpacked binaries, as an ad-hoc quarantine solution.)



#6 Soga

Soga

    Secretly Alive

  • Members

Posted 27 April 2020 - 12:28 PM

I want to try changing compilers from MSVC to g++, to see if it makes a difference. (I have started this process, but it is not as simple as it sounds.)

That's so bizarre if that solves the issue. You'd think that Windows Defender, a Microsoft product, would be a bit friendlier toward a Microsoft compiler rather than a free, open source one. But then, as someone who works with Microsoft stuff for a living, I really would not be shocked if that helps.



#7 Timelord

Timelord

    The Timelord

  • Banned
  • Location:Prydon Academy

Posted 27 April 2020 - 08:44 PM

That's so bizarre if that solves the issue. You'd think that Windows Defender, a Microsoft product, would be a bit friendlier toward a Microsoft compiler rather than a free, open source one. But then, as someone who works with Microsoft stuff for a living, I really would not be shocked if that helps.

 

We use MSVC 15.0.21022.0. It's only 12 years old. Then again, I seem to recall having issues even with a far more current MSVC, which also took 10x as long to compile the basecode.



#8 Emily

Emily

    Scripter / Dev

  • ZC Developers

Posted 09 December 2021 - 11:53 PM

Would love to know if anyone is still experiencing these issues, given that we have updated both compiler and C++ version significantly in the last few months...


  • Bagu likes this

#9 Nightmare

Nightmare

    Original ZC Tester

  • Members
  • Real Name:James
  • Location:Jackson, NJ

Posted 26 January 2022 - 05:37 PM

Nothing new, just the standard "Are you sure you want to run this program" which seems fine Emily.

 

-James


  • Magi_Hero and Bagu like this

#10 Magi_Hero

Magi_Hero

    gubgub

  • Members
  • Real Name:Tim
  • Location:NJ

Posted 26 January 2022 - 06:30 PM

The irony is Windows gives me the same security flag when I install Trend Micro on a new system. A $7.23b company isn't immune either.


  • Bagu likes this

#11 Timelord

Timelord

    The Timelord

  • Banned
  • Location:Prydon Academy

Posted 30 May 2022 - 08:55 AM

The irony is Windows gives me the same security flag when I install Trend Micro on a new system. A $7.23b company isn't immune either.

No shock: WD is rubbish




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users