GearHeads Corner

General Category => Virus Warnings => Topic started by: ArtF on January 04, 2017, 12:07:56 PM



Title: Virus Warnings
Post by: ArtF on January 04, 2017, 12:07:56 PM
Hi All:

   Just a note on virus warnings. There seems to be a spike in the number of scanners triggerin g sporadica lly on Gearotics site or on its download as suspiciou s. Researchi ng this always seems to point to "Gearotic"" being too close to "Erotic" for the scanners. As of yet, Ive had no reports of any virus's being found in any of Gearotics downloads in 5 years, but please notify me if such a thing occurs. ( Or post here. ). Many scanners are no longer just looking at files and such but are using heuristic means such as names and words to make such determina tions.. such is the world we live in. :)

Thx
Art


Title: Re: Virus Warnings
Post by: Mooselake on January 04, 2017, 02:48:14 PM
So they don't like gear porn?  What good are they?

Extra warnings prove that your aftermark et virus scanner must be good since it's catching things.  I abandoned them (Norton, AVS, McAfee, etc.) some time ago after reading multiple reviews that said that the one included with M$, while missing some different virii than the paid/freebee aftermark et scanners (and sometimes catching ones they didn't) was more than good enough for just about everybody .  Just don't click on all that stuff that shows up in your inbox, even if it's cute kittens, and never click a link on FacePlant .

Then again, the whole virus scanner (i.e. looking for signature s) has never been as good as looking for virus behavior anyway.  A number of the modern virii "mutate" so their signature s aren't consisten t, and your more likely to catch the more amateur stuff than the "good" ones.

Kirk


Title: Re: Virus Warnings
Post by: DanL on January 04, 2017, 04:27:16 PM
The more popular a virus scanner is, it increases the chances of being hit, more hacker trying to get through.

The less known it is the safer it is, you just have to make sure your password's have nothing in common with you as in if you like dragons don't have dragon in your password Have goat instead.


Title: Re: Virus Warnings
Post by: ArtF on January 04, 2017, 08:44:12 PM
   
I tend to use only the Windows scanner in Win7 for my developme nt system , but Im very carefull of viruses and scan
frequentl y to be sure I dont pass on a cold. I do get letters from folks obviously worried about contracti ng something
from rubbing elbows with software named so eroticall y, and I do find it a bit annoying, but each vendor tends to say
"Send us a signature on every version." which just isnt possible with how fast the programs morph.

    So if anyone is real concerned thay may ask here if anyone has had any bad experienc es, or how to turn off their
antivirus temporari ly for an install. The latest missive spoke of Windows claiming the program was rarely downloade d
and therefore was suspiciou s. Seems a small reason to deny a download. . and I suppose with only a few thousand users
Gearotic isnt what Mach3 was, but I would've thought that was traffic enough for tolerance . :)

  Better to mention it all though, so people peeking in dont think we're a security hotline scam. :)

  While Im on the topic, one user also asked why the new website isnt pushed more, and I agree so Ive made
it bold in the main page for the crosslink . We arent intending to switch anytime soon to be solely
on the second site, but much of that is for administr ative reasons. Bob HAS done a great job showing the
various things Gearotic does on the new site, and continues to try to keep up to my rather eclectic
method of developme nt. There are many hints on that second site to show what can be done and how.

  Soon, I will slow down on the additions and begin the long job of completin g the half finished bits
and fixing up older interface s.. Windows has changed a lot since the beginning of this never ending
project.. and you need to do a spring-summer cleaning every few years..

Art




     


Title: Re: Virus Warnings
Post by: JustinO on January 05, 2017, 05:01:39 PM
Heh. My employer's services wouldn't let gearotic. com through the layers of "protectio n". I put in a trouble ticket and slowly discovere d that no one at my firm knew how the network security worked, and that no one working for their security providers knew how it worked. There were multiple onsite visits and escalatio ns, and multiple declarati ons of "we fixed it", but no, they didn't. They tried to close the ticket "quietly" without resolutio n a couple times and I innocentl y reopened it. I finally had to conscious ly let it go. I was working from home in the evening or on my smartphon e.

This will probably fix itself as technolog y changes.

Not sure how you have your site set up, but I've had sites where I could have more than one domain pointing to the same content -- you could have a "short term fix" domain for people who are having trouble with their security.

--Justin


Title: Re: Virus Warnings
Post by: ArtF on January 05, 2017, 05:24:59 PM
Justin:
 Gear2Moti on.com leads there, but its tripped Erotic warnings due to content. :)

Art


Title: Re: Virus Warnings
Post by: JustinO on January 06, 2017, 12:51:05 PM
Seems like there should be a Filtering Industry false positive reporting process -- a clearing house sort of thing. My employer's IT could not even figure out where the filtering was happening .

There is probably an internet protocol for returning data about filtered content that is being disregard ed.

I hope they fix things before it gets worse.

--Justin


Title: Re: Virus Warnings
Post by: Stojan on February 13, 2017, 03:06:26 AM
If you use flash or java anything it will generally raise a false positive with many of the alleged virus scanners. The issue is the way they tackle possible virus and Trojan injection s, also a lot of the so called network specialis ts and developer s of virus/trojan software have a SeaGull mentality, lets just ban and peck the hell out of everythin g.

I can tell you that the new website doesn't trigger anything with Bitdefend er or Malwareby tes which are middle of the road virus/trojan/nasty website monitors that I have used for many years, one of the reasons for using those particula r programs is because of the false positives I used to get with other applicati ons. The only other program I use is Mailwashe r Pro which reads mail server side so nasties never get a lookin on my pc.

The biggest cause for Virus injection s or Trojan injects into your system is YOU the user and that ever quick trigger finger that has to press accept or enter before reading the fine print :P..

For those not dependant on the will of others you can simply exclude a website or program from being monitored . All good virus scanners should allow you to do this.
It is a good habit to do that as par for course, most virus scanners monitor everythin g that is going on particula rly things that access the network and the ever growing cloud network.
In their zeal to monitor everythin g whilst sending bits of data back to home base, they also cause your system to slow down and your programs to every so often inexplica bly crash.

All programs that I have and purchased I put in a trust list, no slowdowns no crashes. That way when your running Gearotic or any other program that you use they are not fighting for resources from your cpu memory gfx card etc etc etc etc.

I've had a lifetimes experienc e fighting network specialis ts to stop banning websites that sell suntan lotions and lip balm.

One other issue which is reasonabl y current last few years at least is the way cookies are stored on your system, if you notice how clever google and other sites are at reading and obtaining informati on as to where you have been and putting appropria te adds up and you wonder how the hell did they know that. They get all that informati on from your cookie jar.

ABSOLUTEL Y LOVE THE NEW WEBSITE!!!!!!! keep it coming..


Title: Re: Virus Warnings
Post by: ArtF on February 13, 2017, 08:18:11 AM
>>ABSOLUTEL Y LOVE THE NEW WEBSITE!!!!!!! keep it coming..

  Thx Stojan, Thats Bob's work and I too think he's done great work..

Art


Title: Re: Virus Warnings
Post by: Waneu on March 01, 2017, 05:38:37 PM
Hi
 To install your demo version I have to disable Norton antivirus because its convinced a Trojan gen.8 is in the mix. Then the next time I turn the computer on Norton removes said Trojan and Gearotic in the process.
I'm thinking that gearotic will do what I want, but before I shell out the bucks I want a program I can count on. No I'm not getting rid of Norton.
Thanks
Walt


Title: Re: Virus Warnings
Post by: ArtF on March 01, 2017, 08:59:31 PM
Hi Walt:

  You may want to ask Norton why the error. Here is a site that will scan a file with dozens of scanners,
https://www.virustotal.com/ , and even with this multiscan, no virus's or problems are found in Gearotics setup.
 Most have found that telling Norton to ignore Gearotic works fine to get it installed .

Art


Title: Re: Virus Warnings
Post by: Mooselake on March 02, 2017, 12:02:03 PM
Somewhere in the settings you should be able to tell Norton to ignore specific files, for just this type of problem.  Remember after market virus scanners need to find things to get you to keep renewing them, so they tend to have a lot of false positives .

Norton isn't showing up in the recent reviews I've seen, perhaps it's loosing it's user base.  Wasn't there a recent incident where it was deleting system files, or was that another aftermark et scanner?

Back when Peter Norton had something to do with the product (remember the Norton SI?) they were pretty good.  Since he sold out to Symantec and became an art (small a, not Art..) connoisse ur Norton branded products have been going downhill.  Perhaps it's time to look around?

After many years of buying virus scanners (I was the security guy, plus the chief dishwashe r and coffee maker, for a regional ISP back in the dial-up days) I just use the one that comes with M$ WinDoze.  More than good enough if you stay off the suspiciou s web sites and don't (like my part-time boss<sigh>) click on all those email links.  Really, FedEx delivery problems when we never send anything by FedEx?  Even catches most of what the boss clicks on; MalwareBy tes scanner gets the rest.

Kirk


Title: Re: Virus Warnings
Post by: Stojan on March 02, 2017, 09:12:04 PM
Not meaning to be mean here but Nortons Virus scanner nobody should be using that any more. Its very bloated it slows you system and its not a very good virus scanner any more.

I used to use Nortons for many years until they started adding all the glitter, I have used a few others and have found that Bitdefend er is an excellent choice being using it last 4 years has a very low incidence of false positives its intuitive to use not top heavy on your cpu. The other thing that I run on my system is Malwareby tes which checks the system for trojans, things that your virus package is not really set up to check for, well they do check for them but the primary goal is virus.

Nortons used to be the go to product now its just a me 2 product.

The thing that NO virus checker can beat or account for is that TRIGGER FINGER you know the itch, whats this do, yup I have to press the button, I know I shouldn't but I'm going to do it anyways, DAM no free IPAD just a trip to reformatt ing your hard drive.

Avagreatd ay all!!!


Title: Re: Virus Warnings
Post by: Mooselake on March 03, 2017, 01:13:16 PM
I'm more partial to those millions from Nigeria they'll transfer in to my bank account for safekeepi ng while giving me a cut  ;)

I run the free version of Malwareby tes in scanner mode, how often depends on how likely the user is to have an itchy clicky finger.

Just read that being a non-admin windows user will catch 95% of the troubleso me stuff.  It's a pain for updates, but sounds like it's almost as good as a virus scanner, and might even be better than the current Norton.  Guess W10's incessant asking for admin permissio ns would work as well if you actually check who wants it.

Kirk


Title: Re: Virus Warnings
Post by: DanL on March 07, 2017, 03:33:05 AM
Nortons Virus scanner absolutel y kill fusion360, a simple thing like doing a save takes minutes if you're running Norton. And it hates gearotic i had to remove Norton just to install some programs.
I will never get that program again


Title: Re: Virus Warnings
Post by: ArtF on March 07, 2017, 07:18:19 AM
I find that of most of them now, virus scanners seem to simply say " I havent seen that often enough, so its a virus.". Its getting
to a ridiculou s level. Ironicall y its happening as it gets harder and harder to actually get a virus due to Windows security. Most of
them have gone down the "heuristic" road where they guess if its a virus or not..whic h of course leads to the "better safe than
sorry" way they decalre something off limits now.
   I use Microsoft s protectio n.. never seem to get trouble, but then Im pretty carefull as to what I open..

Art



Title: Re: Virus Warnings
Post by: Stojan on March 07, 2017, 08:28:25 PM
Like I said before most virus authors depend on people not being attentive . You know the I am assuszuu the clever my uncle died last year leaving me millions, I need help to get my millions out of the country for this help I will give you half of my fortune my 4 wives and 20 children, please click on this link to help.

Nothing will jump out and attack you until you press the "I wonder what this does" button.

Many years ago and I do mean many... I was asked when commissio ning a network, which was the best virus protectio n and anti hack system I could recommend .

I still contend to this day you can't beat this system.

No floppy access, no usb access no network access offline operation only.

But wheres the fun in that.


Title: Re: Virus Warnings
Post by: Mooselake on March 08, 2017, 01:20:43 PM
I am assuszuu the clever my uncle died last year leaving me millions, I need help to get my millions out of the country for this help I will give you half of my fortune my 4 wives and 20 children, please click on this link to help.
Can I skip the wives and get my pick of the kids?  If so, count me in...

Interesti ng article (https://www.theregister.co.uk/2017/03/08/cia_exploit_list_in_full/) (put on your tinfoil had first) that towards the bottom discusses how the CIA reportedl y exploits virus scanners.  Perhaps Art could pick up some tricks to get rid of the annoying false alarms.

Kirk


Title: Re: Virus Warnings
Post by: DanL on March 09, 2017, 04:05:33 AM
As the saying goes of course they do, if not them it's someone else, A lot of people forget how WW2 was won.

Over here they say what they do and no one realy cares.


Title: Re: Virus Warnings
Post by: Stojan on March 09, 2017, 08:52:50 AM
As the saying goes of course they do, if not them it's someone else, A lot of people forget how WW2 was won.

Over here they say what they do and no one realy cares.

Just read the article, no surprises there really. Being the insignifi cant peon that I am I have nothing to worry about. Apart from my making the Obituary one day, that's about all the fame I will have in newspaper appearanc es.

But we the people voted and we the people allow them to do so.


Title: Re: Virus Warnings
Post by: DanL on March 10, 2017, 03:35:59 AM
If they did not and if they could do it but just did not do it and something bad happened they will get their arse handed to them, Me I hope they do it.



Title: Re: Virus Warnings
Post by: Mooselake on August 31, 2019, 03:23:24 PM
Argg, WinHozed.  I run the latest stable version of Windows Insider Preview on my laptop, early test for work back when I cared about such things.  The latest version has pronounce d GearoticS ETUP2.exe a deadly virus that will destroy humanity as we know it.  Chrome and M$ Edge refuse to download it while Firefox will download but w$ won't allow me to run it; I'll set an exception for the downloade d file and try again.

While I have Vexx 2.23 it was getting confused while I was trying celtic knots and thought I'd try a refresh before complaini ng.  Now the Gatesian fortune generator is demonstra ting it's evil empire aspect.  Unless it really contains spursint. f!cl, but I really doubt it.  It's a common complaint generated by their artificia l unintelli gencent cloudy scanner, were I cynical I'd say it's an attempt to fill the M$ coffers with their digital signing package.

Trojan:Win32/Spursint.F!cl

Kirk


Title: Re: Virus Warnings
Post by: Mooselake on August 31, 2019, 03:30:13 PM
After whitelist ing it in WinHose Defiler all I got was the usual we're all gonna die if you run this, run anyway worked fine.  <sigh>

I did click the wrong download button the first time, the current developme nt file is GearoticS etup, no 2

Kirk


Title: Re: Virus Warnings
Post by: Mand on September 06, 2019, 11:23:45 AM
Incidenta lly, I just (literally right now) got a Windows Security warning saying:

Threat detected: Trojan:Win32/Spursint.F!cl
Alert level: Severe
Category: Trojan
Details: This program is dangerous and executes commands from an attacker.
file: C:\Users\[username]\Downloads\GearoticSETUP2.exe

...anyway, I'm unconcern ed, but figured I'd post the note here in case others get similar messages and freak out or something (this warning appears to come from the MS "cloud analysis" security system).

Oh, and I forgot to note: anyone getting this same message will probably need to remove the file from quarantin e.


Title: Re: Virus Warnings
Post by: ArtF on September 06, 2019, 11:25:03 AM
I really hate those virus AI sensors.. .

Art


Title: Re: Virus Warnings
Post by: Mooselake on September 06, 2019, 01:25:00 PM
And they make it really hard for developer s, particula rly if you want to support anything before Windows 8.  You can make a private cert according to the direction s (https://docs.microsoft.com/en-us/windows/win32/appxpkg/how-to-sign-a-package-using-signtool), for "local deploymen t only" - whatever that means.  However they say you can't deploy signed apps except on Win8 and up.

Makes me really glad I retired.. .

Kirk


Title: Re: Virus Warnings
Post by: BillM on November 21, 2019, 01:33:10 PM
Art

The Windows 10 virus scanner seems to have the mistaken view that CoInstall .exe and Gearotics SETUP.exe contain viruses.   The error in particula r is "severe"  Trojan:Win32/Spursint.F!cl

There is apparentl y some character istic in the executabl e files that makes Windows think that the .exe files contains the Trojan virus.

In the past I've been able to simply ignore the virus scanner warnings.  While trying to eliminate a problem with the most current version of Vexx (missing msvcr120D DLL error) I ran  across another annoying Win10 "feature"

I tried copying the CoInstall and Gearotics SETUP exe files to a backup folder  and the files disappear ed.   I tracked this issue down to the Virus scanner & the erroneous Trojan:Win32/Spursint.F!cl detection .  I examined the Windows Security Virus protectio n history where I was able to restore the files and temporari ly allow(hence ignore) the Trojan:Win32/Spursint.F!cl detection .

After Gearotics & Vexx were successfu lly installed using the "stable" version of Gearotics, I re-enabled detection of Trojan:Win32/Spursint.F!cl viruses just in case some other software might really contain that virus

Bill


Title: Re: Virus Warnings
Post by: ArtF on November 21, 2019, 03:13:54 PM
Bill:

 Thanks for the informati on. Im looking into how to stop these false readings. .

Art


Title: Re: Virus Warnings
Post by: BillM on November 21, 2019, 04:19:51 PM
Art

I looked up some informati on about the type of virus warning being triggered .  I've tried to make some sense of the types of things Windows is concerned about as described in:
  https://www.malware-board.com/blog/remove-trojanwin32-spursintfcl-from-pc-simple-process

The name of the file probably has nothing to do with the detection .   There is perhaps some sort of windows feature where your programs are calling Windows system functions (probably defined in a windows system .dll file) to execute external .exe files or to get informati on from  memory locations external to the running program.

One example comes to mind: the relations hip between Vexx and Gearotics to get a gear from Gearotics, modify it in Vexx and then replace the modified gear back into Gearotics might resemble behaviors similar to the Trojan.

I'm not too familiar with Augie except for the simulatio n capabilit ies where pressing CONS button brings up another window.

After I re-enabled detection of  Trojan virus as soon as I tried to rename Gearotics Setup.exe to a different name the system  once again not only deleted the file I tried to rename but it also deleted the different versions of CoInstall .exe and Gearoitic s within the same windows folder.

To say that the virus protectio n is aggressiv e would be an understat ement.

Bill



Title: Re: Virus Warnings
Post by: Mooselake on November 23, 2019, 02:17:31 PM
It might be simpler than that, the scanners look for "signature s", strings of code that match things found in virii.  One of these days they'll start deleting everythin g that includes the x86 equivalen t of x=2+2 after assigning the task to a new junior programme r.

Way back when I ran an email system, the new guy decided to block all email from aol.com (ancient floppy delivery system) because he got a spam email from an aol address.  I was out of town for a couple days, came back to a big mess...

Kirk


Title: Re: Virus Warnings
Post by: Tva2fsq on January 05, 2020, 10:22:45 PM
The absolute worse thing about virus scanners is their privacy.  Almost all of them send every single link you click on to their servers. Many also send personal informati on as well at the same time.  They do this at a low level on the operating system and have full access to encrypted and VPN tunnels.  They then sell this informati on to other services including governmen ts.
Tom


Title: Re: Virus Warnings
Post by: Steve Truscott on January 07, 2020, 06:26:42 PM
The smoke got out of my notebook so I replaced it. The old one was reasonabl y up to date but I don't know which version I was running. I tried to down load Gearotic again and Microsoft defender throws a hissy fit about a trojan and deletes the file. I found a backup of an old file, Gearotic throws a tantrum about an expired file and Microsoft deletes it.
I found a very old I5 with Gearotic on it and same result. I am not comfortab le turning off any virus protectio n and actually I am not sure how to do that. Any step by step suggestio ns?
Steve Truscott temporari ly in Denver Colorado


Title: Re: Virus Warnings
Post by: Richard Cullin on January 07, 2020, 07:46:27 PM
the msi version downloads ok with chrome ,  and installed after clicking on run anyway
it also runs ok


Title: Re: Virus Warnings
Post by: ArtF on January 07, 2020, 07:52:38 PM
Hi:

 Yes, if on Win10, please use the msi installer at www.gearo tic.com in the downloads tab. Youll find it
doesnt trigger a Virus warning and just notifies you the program is from a non-trusted source. (You have to pay
to be trusted.. :) )

Thx
Art


Title: Re: Virus Warnings
Post by: Steve Truscott on January 08, 2020, 12:56:05 PM
That works and now I have gearotic running. I had msi and iso mixed up in my head. No use having a CD image I thought.


Title: Re: Virus Warnings
Post by: ArtF on January 08, 2020, 09:11:40 PM
Hi Steve:

 Yes,the msi installer is much easier to use in Win10 and doesnt give virus warnings usually, just
a warning that Im not a trusted microsoft supplier.

  Many of you download the install from Bobs backup website which didnt have the MSI file
as a selection, it was available only from my original gearotic. com download site. Bob is adding that to
his website or may have added it already.

  The problem in the end turned out to be my fault on two points. I had a bad link on my Win10
machine and was testing an old version on every install. So I wasn't testing what I thought
 I was testing. Ironicall y, the true issue that stopped Vexx from running was a 8-bar linkage module
I had not released and was developin g slowly in the backgroun d. Its optimiser, a package for
solving nonlinear algebra functions was compiled under a dynamic linking and needed runtimes.
Vexx actually doesn't need any normally as it is staticall y linked to its run-time. Turns out Win10
hates the run-times and wont load them properly. Ill have to solve that issue if I manage to
make the multi-bar linkage routines run as I want them to.

 Anyway, all seems stable and Ill now finish up the released modules and re-upload a new Vexx.
Sorry for all the trouble and thanks to those that helped me find the error.

Thx
Art





Title: Re: Virus Warnings
Post by: BobL on January 09, 2020, 09:59:00 AM
Thanks for the feedback Art, glad you found the issue. I do have (Gearotic setup.msi) added to www.Gear2 Motion.co m in case anyone is wondering?

Cheers
Bob
 :)


Title: Re: Virus Warnings
Post by: ArtF on January 19, 2020, 09:11:26 PM
Hi All:

  I have finally updated to a new installer . Ive been using that old one since Mach3 days.
The installat ion setup files have been updated with the new builds. There should be no
more virus warnings, but I'm waiting to see how that works out.

  The installat ions will start to be modified and personali zed shortly but at the moment are
quick builds using the new installer . Let me know if you run into trouble.


Thx
art


Title: Re: Virus Warnings
Post by: BobL on January 20, 2020, 11:20:00 AM
Art, I continue to get Windows defender smart Screen warning when I first launch the new setup, however works fine from there once I acknowled ge the warning.

Cheers
Bob
 :)


Title: Re: Virus Warnings
Post by: ArtF on January 20, 2020, 11:23:50 AM
Hi:

 Thx, Bob. A warning from defender that the program is from an untrusted source is fine,
there just shouldn't be any false flag virus warning anymore is the hope.

Art