Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Advanced SystemCare Pro Review IObit Coupons A Good Utility Program From IObit IObit Driver Booster Pro Review IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs IObit Software Coupons & Promo Code

false positive report for BioniX Desktop Wallpaper Changer [SOLVED by whitelisting by IObit in db 1724]


Recommended Posts

Hi

I (BioniX developer) am getting a lot of crashes in BioniX. Analyzing the bug reports sent by users I realized they all have something in common: all these users have IOBit installed.

It seems that IOBit is blocking BioniX from accessing its own files. I am not talking about exe files, but plain TXT and PNG files. Come on! Who puts a virus in a TXT file?

 

BioniX checks for file existence. If file exists then it tries to load it. This is where IOBit blocks the access and (in some cases) BioniX crashes.

Please fix this issue as fast as possible.

 

BioniX Wallpaper Changer is the oldest wallpaper manager. It was releases in 1999 and it is online since then. It has a HUGE user base & nice reputation.

http://www.bionixWallpaper.com

 

Thanks

Link to comment
Share on other sites

  • 2 weeks later...

Hi BioniX?

 

Sorry for my late reply. It is really busy with the new IObit Malware Fighter 6 beta 1 and it is going out soon. :-)

 

For the false positive you mentioned, we could not reproduce the issue by analyzing BioniX Wallpaper Changer.

 

 

To check whether it is a false positive, please take the steps as follows:

 

1. Make sure you update it to the latest definitions version.

 

2. After the scan, please click the "Save Report" button on the bottom left and send us the report

 

Looking forward to your reply.

 

 

Link to comment
Share on other sites

Hi. Thanks for your answer. I really thought I will never get an answer :)

____

 

I uploaded some images.

We have many hundreds of reports like this from users all over the world. I selected some screenshots from users from UK, Russia, France, etc, just to show how spread this bug is.

 

As you can see IOBit is blocking access to 'innocent' files, like JPG and TXT. JPG/TXT files cannot contain a virus because they are not executable. What is the point of blocking access to TXT and JPG files?

Link to comment
Share on other sites

Hi Bionix, welcome to IObit Forum! :-)

 

It is most probably false positive, but for IObit to analyze the file(s) please ask for an IMF report (IMF report with the latest fingerprint db) from the users and post it (them) in your next post including the link for Wikisend uploaded false positive file(s) . Then IObit will correct the IMF Database.

 

Although it may well be false positive, IMF finds the behavior (trying to access to a file) of the file and the requested actions as malicious behavior, not the image file itself,

That's why it is flagging them.

Putting the files (Bionix Wallpaper.exe) to White List will help.

 

BTW, great programs for wallpapers. Thumbs up

 

Cheers.

Link to comment
Share on other sites

>IMF finds the behavior (trying to access to a file) of the file and the requested actions as malicious behavior, not the image file itself,

 

But (as a developer) I ask, shouldn't IOBIT ignore when a program (even if considered possible malicious) tries to access a TXT file?

Since we know the TXT file is harmless, why block the access to it, and provoke unnecessary hindrance (as in this case)?

 

> Putting the files (Bionix Wallpaper.exe) to White List will help.

It might. But how do we contact all our possible customers (before they access our web site to download/install BioniX) to tell them to put BioniX in the white list.

Even more 50% of them know so little about computers (think elderly) that white-listing a program in an antivirus is a major/complex task.

Link to comment
Share on other sites

OK Bionix, although I think same like you on the subject of unnecessary hindrance, I am not going into the technical side of it, but please see the following comment in Bleeping Computer Forum on this subject.

 

https://www.bleepingcomputer.com/forums/t/128812/can-a-txt-file-be-infected/

 

To be on the safe side, supposing access to any file (in general) may be because of a malicious behavior, is the heuristic side of the approach. I think.

 

Cheers.

Link to comment
Share on other sites

> To be on the safe side, supposing access to any file (in general) may be because of a malicious behavior, is the heuristic side of the approach.

 

Yes, but blocking a program RANDOMLY from accessing some files will obviously cause the program to crash. Good good - it might even cause disk corruption! A program should be permanently blocked, or not at all.

In our case, to prevent this, BioniX will test if a file exists before loading it. But IOBit let's BioniX to test for file existence. Once BioniX determines the file exists, it will try to load it since the check shows 'green light'. But not BioniX crashes since it cannot access the (TXT) file. Maybe IObit should prevent ANY access to the file. Now is only doing half of the job.

 

BioniX crashes, user unhappy - and this for no reason.

We decided to check if IOBit is installed in user's computer BEFORE BioniX initializes. If IOBit is present we will inform the user about what is going and present some options to the user - like disabling/uninstalling IObit OR Bionix. Since they are incompatible one of them has to go :(

 

If you can fix this false positive, just let us know. We (us and the users) will be very happy.

 

Many thanks.

 

Link to comment
Share on other sites

Hi again BioniX,

 

First of all I am not from IObit, so I hope IObit staff is reading your comments, and I am sure that IObit will find a solution to make you and your users happy, but my comment on supplying IMF report and the link to download the false positive file is still relevant.

 

Cheers.

Link to comment
Share on other sites

Hi BioniX?

 

Sorry for my late reply.

 

As Enoskype mentioned it is not a false positive. As the program BioniX did not sign, our Anti-ransomware Engion block it. But we have add it into White List. Please update to the latest database to solve the issue.

 

@enoskype, sorry for my late reply. Thanks for your timely help. :-)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...