Clearing Anti-Virus Verifications

Open Cr8zyIvan opened this issue 1 year ago • 3 comments

I use your App on every machine that I use, that has Win11. It's seriously a game changer. At work however, and unfortunately, I am subject to outside verifications, checks and balances.

I can't install the new ExplorerPatcher Update until my IT department clears it. They tell me they use virustotal.com as a first step verification. As of today, ExplorerPatcher, the GitHub URL passes the verification, but the installation file "ep_setup.exe" is flagged by 3 providers.

For the last update, I had to wait a week or two for the ExplorerPatcher Flags to get cleared. Perhaps this is totally out of your control, I have limited knowledge on how all this works. In the case that there is something that can be done, I raise the issue here. Modification of the Script perhaps, or specific tests these Providers might be able to execute to clear ExplorerPatcher? I don't know.

I fear the day I might have to revert to the Win11 default Taskbar. And also, awesome job with ExplorerPatcher by the way. I believe it to be appreciated by an army of users.

Thanks, Cheers!

Cr8zyIvan, Mar 15 '24 17:03

Yeah, there is nothing we can do. We drop dxgi.dll in C:\Windows and that's enough to trigger Cynet's detections since EP was born. Take a look at the VT detection report of 56.3 which was the last version before I jumped in, it's still detected by 1 vendor which is Cynet. I assume your IT department won't allow it as well. In that case unfortunately you cannot use EP at work :(

Amrsatrio, Mar 15 '24 20:03

Also take a look at the Sophos analysis results of 64.1, looks like my addition of Russian translations contributed into the factors. Weird...

Amrsatrio, Mar 15 '24 20:03

> Also take a look at the Sophos analysis results of 64.1, looks like my addition of Russian translations contributed into the factors. Weird...

Not really that weird: https://www.blackhillsinfosec.com/bypass-anti-virus-run-mimikatz/

valinet, Mar 15 '24 21:03

Is there a forum where people can share their experiences and rant?... For F Sakes... I just uninstalled ExplorerPatcher on my Work Computer... For F C Sakes on a stick... I F$#@g hate Microsoft man...

Cr8zyIvan, Mar 19 '24 14:03