MSEdgeRedirect
MSEdgeRedirect copied to clipboard
rcmaehl
Virus scanners and False Positives
Describe the request A clear and concise description of what the request is. Question: Is it a bug, that it is blocked by many virus scanners, like Bitdefender, Kaspersky
Screenshots If applicable, add screenshots to help explain your request.
Desktop (please complete the following information):
- OS: Windows 11 21H2
- Build: 22000.376
Additional context Add any other context about the request here.
Describe the request A clear and concise description of what the request is. Question: Is it a bug, that it is blocked by many virus scanners, like Bitdefender, Kaspersky
Screenshots If applicable, add screenshots to help explain your request.
Desktop (please complete the following information):
- OS: Windows 11 21H2
- Build: 22000.376
Additional context Add any other context about the request here.
I have not yet invested in a SSL Code Signing Certificate as it's ~$250/yr. Virustotal reported only 4 vendors were detecting the file but some AVs might soft block the application and ask you to confirm you want to run it since it's stil somewhat niche.
https://www.virustotal.com/gui/file/8595bfb6f9c5b8137ed106666942a168418230d5fbf47d76d5d1049676239041
Describe the request A clear and concise description of what the request is. Question: Is it a bug, that it is blocked by many virus scanners, like Bitdefender, Kaspersky
Screenshots If applicable, add screenshots to help explain your request.
Desktop (please complete the following information):
- OS: Windows 11 21H2
- Build: 22000.376
Additional context Add any other context about the request here.
Please refer to these: https://github.com/rcmaehl/MSEdgeRedirect/issues/12#issuecomment-968200767 and https://github.com/rcmaehl/MSEdgeRedirect/issues/12#issuecomment-968201084
Describe the request A clear and concise description of what the request is. Question: Is it a bug, that it is blocked by many virus scanners, like Bitdefender, Kaspersky Screenshots If applicable, add screenshots to help explain your request. Desktop (please complete the following information):
- OS: Windows 11 21H2
- Build: 22000.376
Additional context Add any other context about the request here.
I have not yet invested in a SSL Code Signing Certificate as it's ~$250/yr. Virustotal reported only 4 vendors were detecting the file but some AVs might soft block the application and ask you to confirm you want to run it since it's stil somewhat niche.
https://www.virustotal.com/gui/file/8595bfb6f9c5b8137ed106666942a168418230d5fbf47d76d5d1049676239041
Virustotatal database isn't updated to latest data, windows defender and others too detects as virus
Describe the request A clear and concise description of what the request is. Question: Is it a bug, that it is blocked by many virus scanners, like Bitdefender, Kaspersky Screenshots If applicable, add screenshots to help explain your request. Desktop (please complete the following information):
- OS: Windows 11 21H2
- Build: 22000.376
Additional context Add any other context about the request here.
I have not yet invested in a SSL Code Signing Certificate as it's ~$250/yr. Virustotal reported only 4 vendors were detecting the file but some AVs might soft block the application and ask you to confirm you want to run it since it's stil somewhat niche. https://www.virustotal.com/gui/file/8595bfb6f9c5b8137ed106666942a168418230d5fbf47d76d5d1049676239041
Virustotatal database isn't updated to latest data, windows defender and others too detects as virus
I'll look into a signing certificate then
Describe the request A clear and concise description of what the request is. Question: Is it a bug, that it is blocked by many virus scanners, like Bitdefender, Kaspersky Screenshots If applicable, add screenshots to help explain your request. Desktop (please complete the following information):
- OS: Windows 11 21H2
- Build: 22000.376
Additional context Add any other context about the request here.
I have not yet invested in a SSL Code Signing Certificate as it's ~$250/yr. Virustotal reported only 4 vendors were detecting the file but some AVs might soft block the application and ask you to confirm you want to run it since it's stil somewhat niche. https://www.virustotal.com/gui/file/8595bfb6f9c5b8137ed106666942a168418230d5fbf47d76d5d1049676239041
Virustotatal database isn't updated to latest data, windows defender and others too detects as virus
I'll look into a signing certificate then
Thanks. Bitdefender does not soft block it. As I see it added it to a local block list. I can't download/build the file anymore (Only when the file has the same checksum), because it get deleted immediately. Additional I saw some moments ago that it's only the latest version which is flagged.
Describe the request A clear and concise description of what the request is. Question: Is it a bug, that it is blocked by many virus scanners, like Bitdefender, Kaspersky Screenshots If applicable, add screenshots to help explain your request. Desktop (please complete the following information):
- OS: Windows 11 21H2
- Build: 22000.376
Additional context Add any other context about the request here.
I have not yet invested in a SSL Code Signing Certificate as it's ~$250/yr. Virustotal reported only 4 vendors were detecting the file but some AVs might soft block the application and ask you to confirm you want to run it since it's stil somewhat niche. https://www.virustotal.com/gui/file/8595bfb6f9c5b8137ed106666942a168418230d5fbf47d76d5d1049676239041
Virustotatal database isn't updated to latest data, windows defender and others too detects as virus
I'll look into a signing certificate then
Thanks. Bitdefender does not soft block it. As I see it added it to a local block list. I can't download/build the file anymore (Only when the file has the same checksum), because it get deleted immediately. Additional I saw some moments ago that it's only the latest version which is flagged.
Yah, above 0.5.0.0 version (beta) it's detecting as virus (x86), builds between 0.4.0.0 and 0.5.0.0 is clear.
Here's a hint about antivirus, if it says anything about Generic 9/10 times it's heuristic detection which is really prone to false positives. Basically all that means is that the antivirus doesn't think you should trust the file because it has something or did something the antivirus thought was dangerous
Yes and Bitdefender and Avira says SuspiciousBehaviour ==> The unblock button is grayed out
Yes and Bitdefender and Avira says SuspiciousBehaviour ==> The unblock button is grayed out
I think 64 bit works fine, 32 bit only creating problems
https://www.virustotal.com/gui/file/9c6ff36cc1e42a731230a732515221741aed3a82d906c42f53f6f9341c39c1e3?nocache=1
Windows Security is blocking this application altogether. I tried to download it again and it's blocked/failed.
Current 64bit 0.6.2.0: https://www.virustotal.com/gui/file/9a360623e7f23026d437c3cb7a785068e602e75cd3b4f4147748acf38a151db6 Current 32bit 0.6.2.0: https://www.virustotal.com/gui/file/e930303730896a9d0968b35d3dcdeb108aa7ae411da42f4222ebd05dd2d5810a
I've found that Comodo offers between 83 and 69$ per year for code signing: https://codesigningstore.com/code-signing-certificates
Might be a better option (unless you need/prefer a different certificate type).
Current 64bit 0.6.2.0: https://www.virustotal.com/gui/file/9a360623e7f23026d437c3cb7a785068e602e75cd3b4f4147748acf38a151db6 Current 32bit 0.6.2.0: https://www.virustotal.com/gui/file/e930303730896a9d0968b35d3dcdeb108aa7ae411da42f4222ebd05dd2d5810a
I've found that Comodo offers between 83 and 69$ per year for code signing: https://codesigningstore.com/code-signing-certificates
Might be a better option (unless you need/prefer a different certificate type).
Needs to be EV Code signing
Describe the request A clear and concise description of what the request is. Question: Is it a bug, that it is blocked by many virus scanners, like Bitdefender, Kaspersky Screenshots If applicable, add screenshots to help explain your request. Desktop (please complete the following information):
- OS: Windows 11 21H2
- Build: 22000.376
Additional context Add any other context about the request here.
I have not yet invested in a SSL Code Signing Certificate as it's ~$250/yr. Virustotal reported only 4 vendors were detecting the file but some AVs might soft block the application and ask you to confirm you want to run it since it's stil somewhat niche.
https://www.virustotal.com/gui/file/8595bfb6f9c5b8137ed106666942a168418230d5fbf47d76d5d1049676239041
Yeah, i've looked into it a bit aswell and this is the cheapest you can get: Buy link: https://codesigningstore.com/code-signing/comodo-ev-code-signing?utm_source=AboutSSL&utm_medium=Affiliate&utm_content=/cheap-ev-code-signing-certificate-providers/
With given coupon: aboutssl10/WELCOME10:
| Years | Price per year | Total price | Discount in % |
|---|---|---|---|
| 1 | $287.10 | $287.10 | 0% |
| 2 | $251.10 | $502.20 | 14.34% |
| 3 | $239.40 | $718.20 | 19.925% (from 2year it's: 4.887%) |
Hope the above table helps with deciding which is the best for you :-)
Describe the request A clear and concise description of what the request is. Question: Is it a bug, that it is blocked by many virus scanners, like Bitdefender, Kaspersky Screenshots If applicable, add screenshots to help explain your request. Desktop (please complete the following information):
- OS: Windows 11 21H2
- Build: 22000.376
Additional context Add any other context about the request here.
I have not yet invested in a SSL Code Signing Certificate as it's ~$250/yr. Virustotal reported only 4 vendors were detecting the file but some AVs might soft block the application and ask you to confirm you want to run it since it's stil somewhat niche. https://www.virustotal.com/gui/file/8595bfb6f9c5b8137ed106666942a168418230d5fbf47d76d5d1049676239041
Yeah, i've looked into it a bit aswell and this is the cheapest you can get: Buy link: https://codesigningstore.com/code-signing/comodo-ev-code-signing?utm_source=AboutSSL&utm_medium=Affiliate&utm_content=/cheap-ev-code-signing-certificate-providers/
With given coupon: aboutssl10/WELCOME10:
Years Price per year Total price Discount in % 1 $287.10 $287.10 0% 2 $251.10 $502.20 14.34% 3 $239.40 $718.20 19.925% (from 2year it's: 4.887%) Hope the above table helps with deciding which is the best for you :-)
Just waiting for my tax return honestly
Idk if the v6.0.3.0 has been signed or has been submitted as a false-positive to Windows Defender. But I just installed it and it didn't raise any flags.
Idk if the v6.0.3.0 has been signed or has been submitted as a false-positive to Windows Defender. But I just installed it and it didn't raise any flags.
Just successfully installed it as well. The download was not blocked this time, and I had a warning in the Chrome download bar that said "this is not commonly downloaded and may be dangerous" but clicking the carrot allowed me to go around it and install anyway. Also, I can confirm it's working as expected!
I just got my installation removed by Bitdefender today. Was on the latest release (0.6.5.0)
I just got my installation removed by Bitdefender today. Was on the latest release (0.6.5.0)
Submitted a False Positive to Bitdefender via their website for 0.6.5.0 x64. ID: 1007414377. They say 72 hours is the standard review period once submitted.
I just got my installation removed by Bitdefender today. Was on the latest release (0.6.5.0)
Submitted a False Positive to Bitdefender via their website for 0.6.5.0 x64. ID: 1007414377. They say 72 hours is the standard review period once submitted.
In the most time the are under the 72 hours. But I think it was added to the signature db by Bitdefender self. Normally applications, which are unknown and detected by live detection are named like PROGRAMMINGLANGUAGE.TYPE.Generic.NUMBER in very few cases they have the application name in the event. If they are added by hand they have always a name
Submitted a False Positive to Bitdefender via their website for 0.6.5.0 x64. ID: 1007414377. They say 72 hours is the standard review period once submitted.
I'm not sure if this helps with anything, but this is what it says
That's just another machine learning detection, notice the "suspiciousbehavior" identifier which means that something did something the AV didn't see as normal and the generated string
That's just another machine learning detection, notice the "suspiciousbehavior" identifier which means that something did something the AV didn't see as normal and the generated string
Ah, ok
Google Safe Browsing has the latest installer flagged. Chrome displays a warning for the releases page, and blocks the download as well:
You may be able to appeal this decision.
Looks like INetGet() was upsetting some AVs. Temporarily commenting it has reduced FPs by about 50% but we're still getting 3-4.
Trying to clean up issue tracker. Going to close this issue but leave it pinned.
Full solution should come with code signing come tax season.