Winstep

Software Technologies


 Winstep Forums


Print view
Board index : Winstep Forums : General Discussion  [ 10 posts ]
Author Message
 Post subject: Windows Defender winstep.exe false positive on Windows 10
PostPosted: Tue Dec 18, 2018 7:11 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Thu Feb 26, 2004 8:30 pm
Posts: 11930
Seems Windows Defender is blocking Winstep.exe on Windows 10 and reporting it as a trojan.

This is obviously a false positive and has already been reported to Microsoft (now we need to wait for them to fix it in their definitions), however it seems to be related to the Fast Boot option.

Under Windows 10, Microsoft deliberately delays the startup of 3rd party applications, after a Windows restart, by SEVERAL SECONDS. I can only assume Microsoft does this to make Windows itself appear to boot faster at the expense of all other 3rd party applications (let me stress this again: we are talking about a DELIBERATE delay of SEVERAL seconds here).

Some user-interface related applications like Nexus need to start at the same time as the desktop for obvious reasons. However, Microsoft did not provide any mechanism to let users choose which applications are allowed to bypass the deliberate startup delay - once again, Microsoft thinks it knows better than its own users.

As such, I came up with the Fast Boot option, but it uses a mechanism in Windows not intended for the purpose of launching normal applications. This - and the fact that I strongly believe it is up to the USER to decide which application runs first, not Microsoft NOR the application makers (i.e.; me) - is the reason the Fast Boot option in Winstep applications is disabled by default.

It's up to the user, who is - or at least should be - king of his own castle/computer to decide if he wants the Winstep application to be available at the same time as the Windows desktop on Windows 10 or not.

Unfortunately - and despite the Fast Boot option being available for the last two years or so (i.e.; since v16.6) - it seems Windows Defender suddenly decided to take issue with it.

The truth is that Windows 10 is a mess, even Acronis and others are running into problems such as this. Until Microsoft realizes that an OS needs to be stable and is not a toy for them to constantly play with, we - the users and the Windows developers - are the ones who suffer.


Attachments:
Trojan.jpg
Trojan.jpg [ 93.83 KiB | Viewed 23987 times ]

_________________
Jorge Coelho
Winstep Xtreme - Xtreme Power!
http://www.winstep.net - Winstep Software Technologies
Back to top
 Profile WWW 
 
 Post subject: Re: Windows Defender winstep.exe false positive on Windows 1
PostPosted: Tue Dec 18, 2018 7:36 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Thu Feb 26, 2004 8:30 pm
Posts: 11930
Microsoft has already responded to my false positive report. To their credit, they handled it REALLY FAST:


winstep.exe

Submission ID: d0f9bab6-a36c-4333-a4d6-e23c320245b8
Status: Completed
Submitted: Dec 18, 2018 6:24:36 PM
User Opinion: Incorrect detection

Analyst comments:

We have removed the detection. Please follow the steps below to clear cached detection and obtain the latest malware definitions.

1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”

Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions

Thank you for contacting Microsoft.

_________________
Jorge Coelho
Winstep Xtreme - Xtreme Power!
http://www.winstep.net - Winstep Software Technologies


Back to top
 Profile WWW 
 
 Post subject: Re: Windows Defender winstep.exe false positive on Windows 1
PostPosted: Tue Dec 18, 2018 8:22 pm 
Offline
Global Moderator
Global Moderator

Joined: Sat Apr 07, 2018 7:19 pm
Posts: 2330
Location: Here, there, and everywhere
winstep wrote:
Microsoft has already responded to my false positive report. To their credit, they handled it REALLY FAST:


winstep.exe

Submission ID: d0f9bab6-a36c-4333-a4d6-e23c320245b8
Status: Completed
Submitted: Dec 18, 2018 6:24:36 PM
User Opinion: Incorrect detection

Analyst comments:

We have removed the detection. Please follow the steps below to clear cached detection and obtain the latest malware definitions.

1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”

Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions

Thank you for contacting Microsoft.

Excellent and speedy response. I must say that on the very few occasions that had to contact MS directly with problems over the last 22 years, I always received a timely, helpful, and courteous response.

While I don't seem to get any interference from Windows Defender, ESET certainly gives me a fair lot of false positives and other headaches, but I have it set up so it asks what it should do every time. :)

That delay to third party apps loading might be needed to prevent some apps from interfering with Windows itself in some way, or for other security related reasons? I'm certainly willing to give them the benefit of the doubt.

That is not to say that MS don't do dirties on us users/developers, they do. Feck knows what kind of data they're able to collect from us, for example. And I most strongly resent that. In fact, it's one of the reasons I decided to have at least one permanent dual-boot Linux distro as well. The way things are going it's as well to be ready to switch for better or for worse, given the onslaughts on our privacy by various governments etc. (But then again, do I trust Linux distros? Not a lot more than MS. But a bit more, perhaps. Just as I'm inclined to trust MS a little bit more than the rotting fruit of The Dark Side.)

_________________
nexter - so, what's next?

Just a volunteer Moderator, not connected to or affiliated with Winstep Software Technologies, and not an official part of customer service though I do try to help when and where I can if my scarce time permits


Back to top
 Profile  
 
 Post subject: Re: Windows Defender winstep.exe false positive on Windows 1
PostPosted: Tue Dec 18, 2018 9:01 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Thu Feb 26, 2004 8:30 pm
Posts: 11930
nexter wrote:
While I don't seem to get any interference from Windows Defender, ESET certainly gives me a fair lot of false positives and other headaches, but I have it set up so it asks what it should do every time. :)


Strange. I can't remember the last false positive I got from Eset.

nexter wrote:
That delay to third party apps loading might be needed to prevent some apps from interfering with Windows itself in some way, or for other security related reasons? I'm certainly willing to give them the benefit of the doubt.


I'm not. There is no reason for what they are doing other than to make the Windows desktop appear faster.

I don't have a problem with this. What I DO have a problem with is Microsoft NOT giving the USER the option to select which applications should be able to bypass this artificial and deliberate startup delay.

_________________
Jorge Coelho
Winstep Xtreme - Xtreme Power!
http://www.winstep.net - Winstep Software Technologies


Back to top
 Profile WWW 
 
 Post subject: Re: Windows Defender winstep.exe false positive on Windows 1
PostPosted: Wed Dec 19, 2018 12:14 am 
Offline
User avatar

Joined: Sat Aug 07, 2010 4:23 am
Posts: 108
Location: Lynn, MA (USA)
Jorge wrote:
Quote:
What I DO have a problem with is Microsoft NOT giving the USER the option to select which applications should be able to bypass this artificial and deliberate startup delay.

I know, Really! Who do they think we are? Apple users? :wink:

_________________
My computer is making weird growling noises!
Oh, wait. That's my stomach, it's lunch time!


Back to top
 Profile  
 
 Post subject: Re: Windows Defender winstep.exe false positive on Windows 1
PostPosted: Wed Dec 19, 2018 12:28 am 
Offline
Site Admin
Site Admin
User avatar

Joined: Thu Feb 26, 2004 8:30 pm
Posts: 11930
DanDaBear wrote:
I know, Really! Who do they think we are? Apple users? :wink:


LOL We need to put on our yellow vests and march to Richmond en masse! It will go down in history as the Revolt of the Windows peasants, the day that changed IT (as we know it) forever!!!

We depose Nadella and put Steve Ballmer back in power. Developers! Developers! Developers! YES!!!!


_________________
Jorge Coelho
Winstep Xtreme - Xtreme Power!
http://www.winstep.net - Winstep Software Technologies


Back to top
 Profile WWW 
 
 Post subject: Re: Windows Defender winstep.exe false positive on Windows 1
PostPosted: Wed Dec 19, 2018 10:04 pm 
Offline
Global Moderator
Global Moderator

Joined: Sat Apr 07, 2018 7:19 pm
Posts: 2330
Location: Here, there, and everywhere
winstep wrote:
Strange. I can't remember the last false positive I got from Eset.

Mainly get them on opening older files on USB drives and when scanning USB drives, but also the occasional app.
winstep wrote:
nexter wrote:
That delay to third party apps loading might be needed to prevent some apps from interfering with Windows itself in some way, or for other security related reasons? I'm certainly willing to give them the benefit of the doubt.

I'm not. There is no reason for what they are doing other than to make the Windows desktop appear faster.

Good enough reason, fine by me.
winstep wrote:
I don't have a problem with this. What I DO have a problem with is Microsoft NOT giving the USER the option to select which applications should be able to bypass this artificial and deliberate startup delay.

Well, one could argue the pros and cons endlessly. Personally, I think this may fall into the 'too much choice is never a good thing' category. I always like to wait a few minutes once the desktop comes up to let everything settle down before I do anything. Same under Linux. (Incidentally, start up/boot times with most distros tends to be way longer than Windows, though after that they tend to be slightly faster.)

DanDaBear wrote:
I know, Really! Who do they think we are? Apple users? :wink:

LOL! Err.... Well, yes.... :) Obviously, it's a sad, bad thing that MS is going down that road too, but in this particular case, I really don't think it's important. I like Windows to start up as quickly as possible.

winstep wrote:
....We depose Nadella and put Steve Ballmer back in power. Developers! Developers! Developers! YES!!!!

LOL! It's a damn long walk to Redmond and we'd need some pretty innovative diving gear - and it's not easy walking in/under water at the best of times! - for part of the way. ;)

As for Ballmer, yes! Agreed. Definitely a far more reasonable guy and very much Bill's man in many ways.

_________________
nexter - so, what's next?

Just a volunteer Moderator, not connected to or affiliated with Winstep Software Technologies, and not an official part of customer service though I do try to help when and where I can if my scarce time permits


Back to top
 Profile  
 
 Post subject: Re: Windows Defender winstep.exe false positive on Windows 1
PostPosted: Fri Dec 21, 2018 5:40 am 
Offline
Global Moderator
Global Moderator
User avatar

Joined: Mon Jan 14, 2013 9:51 pm
Posts: 337
Location: Oregon, USA
nexter wrote:
It's a damn long walk to Redmond and we'd need some pretty innovative diving gear - and it's not easy walking in/under water at the best of times! - for part of the way. ;)
Tell me about it. It's going to be rough finding a way to cross the Colorado River. Oh, wait! I can cross on the original London Bridge in Lake Havasu City. /facepalm

OK, guys, see you there!

Who's buying the pizza?


Back to top
 Profile  
 
 Post subject: Re: Windows Defender winstep.exe false positive on Windows 1
PostPosted: Fri Dec 21, 2018 6:04 am 
Offline
Site Admin
Site Admin
User avatar

Joined: Thu Feb 26, 2004 8:30 pm
Posts: 11930
DesertDwarf wrote:
Who's buying the pizza?


That would be me. :)

_________________
Jorge Coelho
Winstep Xtreme - Xtreme Power!
http://www.winstep.net - Winstep Software Technologies


Back to top
 Profile WWW 
 
 Post subject: Re: Windows Defender winstep.exe false positive on Windows 1
PostPosted: Fri Dec 21, 2018 5:52 pm 
Offline
Global Moderator
Global Moderator

Joined: Sat Apr 07, 2018 7:19 pm
Posts: 2330
Location: Here, there, and everywhere
DesertDwarf wrote:
nexter wrote:
It's a damn long walk to Redmond and we'd need some pretty innovative diving gear - and it's not easy walking in/under water at the best of times! - for part of the way. ;)
Tell me about it. It's going to be rough finding a way to cross the Colorado River. Oh, wait! I can cross on the original London Bridge in Lake Havasu City. /facepalm

OK, guys, see you there!

Who's buying the pizza?

You're asking, you're buying! :P

_________________
nexter - so, what's next?

Just a volunteer Moderator, not connected to or affiliated with Winstep Software Technologies, and not an official part of customer service though I do try to help when and where I can if my scarce time permits


Back to top
 Profile  
 
Post new topic Reply to topic Board index : Winstep Forums : General Discussion  [ 10 posts ]
Display posts from previous:  Sort by  

Who is online

Users browsing this forum: Google [Bot] and 78 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron