NCrunch.AppContainer.exe flagged as Trojan:Win32/Bluteal.B!rfn - Setup Problems

Welcome Guest! To enable all features please Login or Register.

Notification

Error

NCrunch Forum » General Support » Setup Problems » NCrunch.AppContainer.exe flagged as Trojan:Win32/Bluteal.B!rfn

NCrunch.AppContainer.exe flagged as Trojan:Win32/Bluteal.B!rfn

Options

Previous Topic Next Topic

shellicar		#1 Posted : Thursday, June 21, 2018 11:37:17 PM(UTC)
Rank: Newbie Groups: Registered Joined: 5/25/2018(UTC) Posts: 7 Location: Australia Thanks: 1 times Was thanked: 2 time(s) in 2 post(s)		A virus scan for my organisation flagged one of the NCrunch files. The following has the pertinent information from the report. Quote: System Center Endpoint Protection has detected malware on one or more computers in your organization Malware Name: Trojan:Win32/Bluteal.B!rfn Number of infections: 1 Last detection time(UTC time): 6/21/2018 2:00:01 PM Detection time(UTC time): 6/21/2018 2:00:01 PM Malware file path: file:_C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\Extensions\Remco Software\NCrunch for Visual Studio 2017\NCrunch.AppContainer.exe Remediation action: Quarantine Action status: Succeeded
Back to top

User Profile View All Posts by User View Thanks

Remco		#2 Posted : Thursday, June 21, 2018 11:45:35 PM(UTC)
Rank: NCrunch Developer Groups: Administrators Joined: 4/16/2011(UTC) Posts: 7,123 Thanks: 957 times Was thanked: 1286 time(s) in 1193 post(s)		Hi, thanks for sharing this. You have my assurance that NCrunch does not contain a virus. This is a false positive. If you like, you can check the results of online services that are able to push the file through a range of different scanners. Virus Total has quite a good one that allows you to scan a file without downloading it. As a vendor, there is unfortunately very little I can do about false positives. It isn't possible to design a product around virus scanner detection systems, and because NCrunch does a range of things that a scanner would consider suspect (starting processes, manipulating DLLs and PDBs), there will always be a high occurrence of false positives when scanning it. The NCrunch.AppContainer.exe process is only used by NCrunch when running tests over legacy Windows Store applications. Assuming you're not developing in such a scenario, NCrunch should work fine without this file.
Back to top

User Profile View All Posts by User View Thanks

shellicar		#3 Posted : Thursday, June 21, 2018 11:49:06 PM(UTC)
Rank: Newbie Groups: Registered Joined: 5/25/2018(UTC) Posts: 7 Location: Australia Thanks: 1 times Was thanked: 2 time(s) in 2 post(s)		Thanks for the swift reply. That's what I thought based on other assemblies being flagged with the same heuristic. Good to know that I can use it without that file.
Back to top

User Profile View All Posts by User View Thanks

Users browsing this topic
Guest

NCrunch Forum » General Support » Setup Problems » NCrunch.AppContainer.exe flagged as Trojan:Win32/Bluteal.B!rfn

Forum Jump

You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.