HadToRegister Posted August 13, 2019 Share Posted August 13, 2019 If you are waiting for Vortex to fix this - you are in for a long wait. It is not a Vortex problem.Eventually Windows Defender will update their virus detection and the problem will go away. Not to mention that anybody serious about protecting their systems, would stay away from AV programs like Windows Defender, and Free AV software that is notorious for False Positives. Link to comment Share on other sites More sharing options...
amoeba00 Posted August 13, 2019 Author Share Posted August 13, 2019 The only thing in the Vortex FAQ about getting the application to work with av software has to do with the folder access protections. No mention about any of the files causing a false positive for its detected behavior. Assuming it's a false positive is the attitude that only benefits those who inject malicious code into files and berating anyone for being cautious only furthers that cause. While it's great that 3rd party AV software hasn't detected anything malicious, that alone doesn't definitively conclude that the file in question wasn't modified on one or some of the hosting servers. How many times have source files been infected and gone undetected for months? Also, there still isn't a file hash of the original source posted. For those still exercising on the ultra-cautious side - If you aren't having any issues with a version that's not generating a "false positive" virus - and aren't complaining about a bug that's addressed in a newer version - then no harm, no foul. Link to comment Share on other sites More sharing options...
HadToRegister Posted August 14, 2019 Share Posted August 14, 2019 The only thing in the Vortex FAQ about getting the application to work with av software has to do with the folder access protections. No mention about any of the files causing a false positive for its detected behavior. Assuming it's a false positive is the attitude that only benefits those who inject malicious code into files and berating anyone for being cautious only furthers that cause. While it's great that 3rd party AV software hasn't detected anything malicious, that alone doesn't definitively conclude that the file in question wasn't modified on one or some of the hosting servers. How many times have source files been infected and gone undetected for months? Also, there still isn't a file hash of the original source posted. For those still exercising on the ultra-cautious side - If you aren't having any issues with a version that's not generating a "false positive" virus - and aren't complaining about a bug that's addressed in a newer version - then no harm, no foul. Otherwise, until a posting by a Staff member confirms that it's definitely safe - all other opinions are just that. All I was saying, is that everybody in this thread, who experienced the warning, were using Windows Defender, those who didn't are using things like Kaspersky, Norton, MalwareBytes etc, so it's NOT just "opinion"Given that data, I would consider it safe to assume right now that the problem lies with Windows Defender.Had Kasperskey, or Malwarebytes, or Norton flagged it, then I'd be worried. If you'd rather wait and not run Vortex, than that's fine too, however, I think you'll probably be waiting for a while for an answer about the file Anyway, here's an info FAQ page from a Miner exe https://github.com/nicehash/NiceHashMiner/wiki/Troubleshooting#what-if-i-do-not-feel-safe-with-making-av-exceptions In it the author mentions NiceHash Miner Legacy or included miners are being flagged by Anti-VirusMany miner programs are flagged by AV software because they are included in actual viruses. These viruses install the programs on inexperienced peoples' computers, and mine on them unknowingly.Because NHML downloads many miner files, most of which are flagged, it too gets flagged as a virus for the same reason as above. The AV companies do not have a reliable way to discern if NHML is downloading these files with the user's permission (as is the case), or if it is a virus downloading them to secretly mine on the computer.As a result of this, users should be prepared for NHML to be flagged and/or removed by their AV software, and know how to set up exceptions. If you do some research around the internet, you will find much information on why most miner software is flagged by AVs. It is something that much of the mining community has learned to live with, since the virus makers that ruin it for the rest of us likely won't stop including common miners in their Trojans. Use the link and information as you see fit. Link to comment Share on other sites More sharing options...
amoeba00 Posted August 14, 2019 Author Share Posted August 14, 2019 All I was saying, is that everybody in this thread, who experienced the warning, were using Windows Defender, those who didn't are using things like Kaspersky, Norton, MalwareBytes etc, so it's NOT just "opinion"Given that data, I would consider it safe to assume right now that the problem lies with Windows Defender.Had Kasperskey, or Malwarebytes, or Norton flagged it, then I'd be worried. If you'd rather wait and not run Vortex, than that's fine too, however, I think you'll probably be waiting for a while for an answer about the fileAnyway, here's an info FAQ page from a Miner exe Apologies - I worded that poorly (and clicked post before I should have). I meant in general - just because someone says their program didn't flag it - isn't enough on its own. However, there are certainly multiple people who have posted that their 3rd party AV didn't detect anything wrong - and yes, because only Windows Defender seems to find a problem with it - more likely than not - it's a false positive. My whole point was that false positive or not - folks should not assume automatically that any flag/alert is invalid. Caution should be the default. That said - I'm running Vortex v0.19.1 and not having any issues (though I really haven't had any issues since v16-ish) - so for me, I don't mind waiting. But since @Tannin42 commented that it's not used by Vortex (corrected/removed my earlier comment about no Staff confirmation) - Folks should feel free to download, install, let the file get quarantined, deleted, and use the latest Vortex without any worry. But as to the miner.exe example - I don't understand that reference (the file in question is member.exe). If something like that were mentioned on the Vortex FAQ page about some of the software that's part of the package, then that we probably wouldn't still be commenting on this thread. :tongue: Link to comment Share on other sites More sharing options...
amoeba00 Posted August 14, 2019 Author Share Posted August 14, 2019 However, if anyone still has any doubt - here is the link to the Detours Library hosted on GitHub and a closed bug report specifically mentioning this thread and the false positive generated by Microsoft Defender. Also - I just installed the package and got no warnings.Defender version: 1.299.1918.0 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.