Newt gets removed by Trend Micro

Question

Newt gets removed by Trend Micro

Opened this issue 4 years ago · 1 comments

The pre-built version of Mynewt Newt gets automatically removed by the Trend micro Antivirus software on Windows because of "Unauthorized file encryption".

This seems to happen when running the new install command, but I suspect other commands will trigger it as well. newt --help does not.

Not a lot of information is given by Trend Micro on why the behavior is considered "Unauthorized file encryption":

The "details" link just points to a generic search on their site: https://www.trendmicro.com/vinfo/us/threat-encyclopedia/search/unauthorized%20file%20encryption

Environment:

Windows 10 Pro Version 1909
Newt 1.7.0
Trend Micro Virus pattern 15.609.00
Virus scan engine 11.000.1006
Agent version 6.7.1206/14.2.116

Answer 1 · 2020-01-10T12:19:06.000Z

This might be helpful to report the false positive: https://success.trendmicro.com/solution/1115269-reporting-a-false-positive-issue-that-occurs-in-officescan-osce-xg#collapseSix