Re: NVDA Remote Infected?


Timothy
 

I had a similar error on a client's computer I was working on a few months ago (maybe six). It turned out that their web browser was infected with a virus, but somehow that effected the add-on with a false positive. I suspect it has to do with the nvdaremote:// URI scheme and how it works, but I've never bothered investigating further due to (1) a lack of knowledge, and (2) the issue going away once I removed the virus from the infected browser, Google Chrome on that case.

Timothy

----- Original Message -----
From: "Luke Davis" <luke@...>
To: <nvda-addons@groups.io>
Sent: Saturday, January 18, 2020 1:21 AM
Subject: [nvda-addons] NVDA Remote Infected?


When attempting to install NVDA Remote 2.2 from
https://nvdaremote.com/remote-2.2.nvda-addon

My client's computers, verified by my own, are getting an error from Windows
Defender, claiming that the file was removed because it contains:

trojan:win32/esulat.a!

Is this a known false positive?

If not, I'm wondering if there is potential that
globalPlugins\remoteClient\url_handler.exe is infected?

Either way, this add-on is currently not installable on Windows 10.

Luke

Join nvda-addons@nvda-addons.groups.io to automatically receive all group messages.