DavidXanatos / DiskCryptor

A fork of the DiskCryptor full disk encryption tool
https://www.diskcryptor.org/
431 stars, 100 forks

Virustotal results #84

Closed papiru5 closed 4 months ago

papiru5 commented 8 months ago

On VT the new version has a 32/72 score, with most common AV brands like MS, Symantec, Kaspersky, McAfee and so on, so installation is in question. Do you plan to sign the executable and fit AV tests?

DavidXanatos commented 8 months ago

Nope, just complain to the AV vendor of your choice to clear the false positive.

AlxVD commented 8 months ago

It's probably because DCryptor is used in several ransomware campaigns nowadays.

Therefore the ability to install it "silently" may not be a good thing.

DavidXanatos commented 8 months ago

> It's probably because DCryptor is used in several ransomware campaigns nowadays.
>
> Therefore the ability to install it "silently" may not be a good thing.

You think removing silent install from the installer would help? I can try that.

About the ransomware campaigns: this is why with build 1.3.0 we added "safe system volume encryption (bootloader is tested before anything gets encrypted)". It only protects the system volume, but most users only have one volume anyway.

AlxVD commented 8 months ago

> You think removing silent install from the installer would help? I can try that.

Won't really help, of course - AFAIR they just copy the folder with the installed program over SMB and run dcinst remotely.

P.S. Here is a site with a description of one such campaign: https://id-ransomware.blogspot.com/2023/04/dchelp-ransomware.html

DavidXanatos commented 4 months ago

We have digitally signed the installer so that should take care of most of the false positives: https://github.com/DavidXanatos/DiskCryptor/releases/tag/v1.3.0b