
#165 Trojan:Win32/Critet.BS

fre:ac 1.0.33
closed
None
1
2018-03-16
2018-03-16
Anonymous
No

Will not download from the SourceForge website; there is a trojan, Trojan:Win32/Critet.BS, preventing any download or install.

Discussion

  • Robert Kausch

    Robert Kausch - 2018-03-16
    • status: open --> pending
    • assigned_to: Robert Kausch
     
  • Robert Kausch

    Robert Kausch - 2018-03-16

    Hi! This is a false positive detection by Windows Defender. I'm already in contact with Microsoft to resolve this. Usually, they will react quickly and fix such false reports with one of the next definition updates.

    In other words: There is no threat in the fre:ac download. This is a bug in Windows Defender.

     
  • Robert Kausch

    Robert Kausch - 2018-03-16

    Unfortunately, Microsoft's online scanner is using an outdated definition version (1.263.536.0), so my support case got automatically closed as they failed to detect anything.

    See my submission here: https://www.microsoft.com/en-us/wdsi/submission/51f3f494-67a8-44b0-8c25-6315720d9894

    The false positive got introduced at some point between 1.263.536 and 1.263.585 and still seems to exist in the latest update 1.263.598.

    Meanwhile, other software seems to suffer the same false positive alerts:

    Microsoft really screwed this up. I hope they will have a fix soon.

     
  • Anonymous

    Anonymous - 2018-03-16

    Thank you Rob, much appreciate the fast response.

     
  • Robert Kausch

    Robert Kausch - 2018-03-16

    Got a response from Microsoft. The signatures have been updated already and the false positive detection was removed, but Windows Defender is caching previous detections.

    To purge the cache, do the following:

    1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
    2. Run "MpCmdRun.exe -removedefinitions -dynamicsignatures"
    

    This worked for me.

     

    Last edit: Robert Kausch 2018-03-16
  • Robert Kausch

    Robert Kausch - 2018-03-16
    • status: pending --> closed
     
