Author Topic: Windows Defender thinks 1.6.9 installer contains Trojan:Win32/Peals.f!cs  (Read 3032 times)

Vaskus23

  • Guest
Just came back to find WD telling me that voiceattack.exe was a Trojan and deleted the file. I went to reinstall it from scratch and windows now wont let me download either the new live version or the beta without locking and informing it contains viruses.

Known issue or is this new?

Gary

  • Administrator
  • Hero Member
  • *****
  • Posts: 2832
Re: Windows Defender thinks 1.6.9 installer contains Trojan:Win32/Peals.f!cs
« Reply #1 on: January 03, 2018, 10:20:06 PM »
Very strange.  I downloaded the file, and Defender just deletes it.  I download the zipped version and same result.

I've submitted to MS for a review.  If I turn off defender and send the files to VirusTotal.com, it's all clean. 

Going to have to figure out what to do.

Thank you for bringing this to my immediate attention.

Gary

  • Administrator
  • Hero Member
  • *****
  • Posts: 2832
Re: Windows Defender thinks 1.6.9 installer contains Trojan:Win32/Peals.f!cs
« Reply #2 on: January 03, 2018, 10:39:06 PM »
I'm going through my site's files, and it's only v1.6.9+ .exe files that seem to have the problem. 

My initial submission to MS shows the files are not infected.  I was able to retain the download by clicking on, 'Get details' from the popup and then clicking on the 'Remove all' threat button.

I have new beta on deck that I'm going to try to push through to see if that makes any difference.
« Last Edit: January 03, 2018, 10:47:26 PM by Gary »

Gary

  • Administrator
  • Hero Member
  • *****
  • Posts: 2832
Re: Windows Defender thinks 1.6.9 installer contains Trojan:Win32/Peals.f!cs
« Reply #3 on: January 03, 2018, 11:19:37 PM »
I was able to recompile the installer for the latest beta (v1.6.9.2).  The rebuilt beta installer does not get removed when I download it from the site:  http://www.voiceattack.com/beta

I was looking at just completely rebuilding v1.6.9 (rebuilding will change the signature), but, unfortunately, I did not commit my changes between v1.6.8 and v1.6.9 since it was more or less a fast-turnaround deploy to resolve some issues.  I'm kind of at the mercy of Windows Defender at this point.  I may just need to fast-track the latest beta to production, just to get past this and not have to wait on Microsoft.

Gary

  • Administrator
  • Hero Member
  • *****
  • Posts: 2832
Re: Windows Defender thinks 1.6.9 installer contains Trojan:Win32/Peals.f!cs
« Reply #4 on: January 04, 2018, 04:53:24 PM »
Microsoft's response was that there is no malware in both their cloud and client engines (surprise).

It looks like this little storm is over, as I'm now able to download and install without Defender removing the files.

Lovely little, 'Nightmare Mode' lol.