Jacob1's Mod

  • laviday
    4th February Member 1 Permalink

    @jacob1 (View Post)

     I downloaded this yesterday and there was a virus attached to the file. Not sure what happened because I downloaded it before without issues. Just letting people know. Just to be clear windows defender wasn't freaking out about the mod. It said a virus named something like Trojan Win32 glupteba|ml was attached. Additionally chrome also claimed it contained a virus.

     

    I'm seeing a lot of conversation of false positives but given that both chrome and Windows Security acted up seems to indicate this time it was genuine.

     

    I also referenced a database of virus names and there are other viruses sharing a similar name.

     

    Believe me. I'd rather have it be a false positive.

     

    Also don't just delete my post about this because it's resolved. I'd be happy to edit it instead declaring it is resolved.

     

    THIS SITUATION IS RESOLVED. IT WAS A FALSE POSITIVE.

    Edited 8 times by laviday. Last: 9th February
  • jacob1
    5th February Developer 1 Permalink
    @laviday (View Post)
    Everyone who downloads this with windows defender enabled (which should be enabled) gets it marked as one of these two:
    Trojan:Win32/Glupteba!ml
    Trojan:Win32/Wacatac.D1!ml

    I got the first one, before I added the exception.

    Feel free to read the posts on the previous page about the issue and make a decision. I'm nearly certain it is a false positive, and you don't have to run it. The removed posts are because that user kept claiming definitively it was a virus, and I got angry at them, so I decided to hide most of the conversation. I resolved it in PM instead.

    I'm hoping the next version of the mod won't have the problem, but we will see. I did recently report it as a false positive to Microsoft, I'm not sure how long they take to respond to stuff like that.

    I did recently read online that any Windows Defender virus ending in "!ml" stands for "machine learning", which makes it much less concrete, it isn't an exact match. It just may have a few similarities
  • SkyCrafter
    6th February Member 1 Permalink

    Because you guys are worried, I ran the 44.5 windows exe through virustotal. 0/70 engines detected the file.

    https://www.virustotal.com/gui/file/1b84e00254f2ba5064ef2a3668f3262151badaa4618c8021b49495e58d989f37/detection

  • laviday
    9th February Member 0 Permalink

    @jacob1 (View Post)

     Thank you. After investigation it does appear to be a false positive. 

  • ChargedCreeper
    9th February Member 0 Permalink

    @jacob1 (View Post)

     Seems like a fault of Windows Defender. Apparently, defender even detects some of Microsoft's own code as such.

    Windows Defender reporting for Trojan:Win32/Wacatac.D!ml when building runtime · Issue #35167 · dotnet/runtime · GitHub

  • IEATDIRT
    22nd February Member 0 Permalink

    windows defender doesnt block it for me, but says cracker1000's is a different type of trojan, next time i'm at my dad's (im 11 and my parents divorced) i will see what type it says

    Edited once by IEATDIRT. Last: 23rd February
  • IlikeUssr
    23rd February Member 0 Permalink

    damn 

    1600 posts here

  • FireFoxReaper
    31st March Member 0 Permalink

    @laviday (View Post)

     Same here. I'm not sure why but it said there was a Trojan attached to it. I'm gonna check again but I hope nothing happens.

  • jacob1
    31st March Developer 0 Permalink
    @FireFoxReaper (View Post)
    Can you check if your Windows Defender definitions are up to date? Open up Defender and make sure you have the latest virus definitions. The latest ones should resolve the issue of my mod being reported as a false positive (and other mods too, I believe).
  • nicholi712
    6th April Member 0 Permalink

    Whats up