Virus in build 878

Zinn
Posts: 476
Joined: Tue Mar 25, 2014 5:56 pm
Location: Frankfurt am Main
Contact:

Re: Virus in build 878

Post by Zinn »

Josef Templ wrote:Does it make a difference if BB is installed in the Windows "Programs" folder or somewhere else?
No, it doesn't matter where you have Blackbox. I have the same trouble on drive d:\BlackBox and also with usb-sticks u:\BlackBox.
Even in Backups the file BlackBox.exe was deleted.
Today I download BlackBox Stable version 1.7 as Zip file from the framework site but I could not unpack the zip file, because the windows 10 defender says it is a virus.
Only on Linux (Ubuntu) I have not this kind of problem.
- Helmut
Zinn
Posts: 476
Joined: Tue Mar 25, 2014 5:56 pm
Location: Frankfurt am Main
Contact:

Re: Virus in build 878

Post by Zinn »

This week I found the website
http://www.techsupportalert.com/content ... endors.htm
and I get the rate of 914 from 30 down to 20 by writing e-mails and fill out web forms for 914 only.

914
SHA256: 1210fb918947530cdbda7f3caf7b254fe0ff66fd4b54affd6ba92d6e0807adc0
Detection ratio: 30 / 64 on 07.08.2017
Detection ratio: 22 / 64 on 09.08.2017
Detection ratio: 20 / 64 on 11.08.2017
see https://virustotal.com/de/file/1210fb91 ... 502082987/

At the same time I observe 915 and do no reports.
915
SHA256: e40870851004e50801c48c9dfa9fc74b0dd6453d113e45a96ab919eb2e60ccec
Detection ratio: 12 / 64 on 09.08.2017
Detection ratio: 30 / 64 on 11.08.2017
see https://virustotal.com/en/file/e4087085 ... 502292398/

Don Quichotte lässt grüßen.
User avatar
DGDanforth
Posts: 1061
Joined: Tue Sep 17, 2013 1:16 am
Location: Palo Alto, California, USA
Contact:

Re: Virus in build 878

Post by DGDanforth »

MalwareBytes has quaranteed the 878 build on my machine.
Even after I said to ignore the quarantee it seems to have deleted the .exe.
I'll have to roll back to the last stable release.
-Doug
User avatar
Robert
Posts: 1024
Joined: Sat Sep 28, 2013 11:04 am
Location: Edinburgh, Scotland

Re: Virus in build 878

Post by Robert »

DGDanforth wrote:I'll have to roll back to the last stable release.
Maybe? You can always try downloading 878 again.

But the relevant question is: "Do we know which releases are safe from false positives?" Is the last stable safe? Is the next unstable unsafe?
It seems to me that the versions that are accepted by the virus checkers are changing on a daily basis; versions that were safe last week are not safe today.
cfbsoftware
Posts: 204
Joined: Wed Sep 18, 2013 10:06 pm
Contact:

Re: Virus in build 878

Post by cfbsoftware »

I just downloaded and installed and scanned both the zip (1263 files) and setup versions of 1.7.1-b1.915 without any complaints from Windows Defender on Windows 10

The Threat definition version of Defender is 1.249.971.0 dated 7:02:41 AM Sat Aug 12, 2017.
Zinn
Posts: 476
Joined: Tue Mar 25, 2014 5:56 pm
Location: Frankfurt am Main
Contact:

Re: Virus in build 878

Post by Zinn »

cfbsoftware wrote:I just downloaded and installed and scanned both the zip (1263 files) and setup versions of 1.7.1-b1.915 without any complaints from Windows Defender on Windows 10

The Threat definition version of Defender is 1.249.971.0 dated 7:02:41 AM Sat Aug 12, 2017.
Chris, you are a lucky man.
I can't unpack and run 915 under Windows 10, because the defender stops the operation.
The Threat definition version of Defender is 1.2449.990.0
Only under Ubuntu I can use it.

Please have a look for 915 at
https://virustotal.com/en/file/e4087085 ... 502292398/
and click on View latest
The rate increase from 12 to 34 in 4 days. We have a new record: The detection ratio is 34 of 64 on 13.08.2017

You may look also for 914 at
https://virustotal.com/de/file/1210fb91 ... 502082987/
and click on View latest
The rate decrease from 30 to 20. Do you know why? Don Quichotte is fighting against windmill with 914 since 7th of August and did nothing with 915.

- Helmut
Post Reply