kmk Posted March 12 Share Posted March 12 Trojan:Script/Wacatac.B!ml That virus is real? I try to donwload a ips 3party app, my windows defender block that file... https://invisiondevs.com/files/file/24-post-donations/ Link to comment Share on other sites More sharing options...
Daniel F Posted March 12 Share Posted March 12 Interesting. A client reported the same trojan being present in one of my files, but none of my online scanners could find it. Did Edge report the trojan or another scanner? It seems that all kinds of tar files are false positive reported, see also https://community.home-assistant.io/t/trojan-in-download-full-backup-false-positive-windows-defender/700323/6 Link to comment Share on other sites More sharing options...
kmk Posted March 13 Author Share Posted March 13 7 hours ago, Daniel F said: It seems that all kinds of tar files are false positive reported In my case, only that file was labeled as contains a virus, all others tar files, from the same dev and from anothers ips 3party sites without that problem. Link to comment Share on other sites More sharing options...
Solution Kirill Gromov Posted March 13 Solution Share Posted March 13 There is clearly some kind of error in the built-in antivirus. Link to comment Share on other sites More sharing options...
Hexsplosions Posted March 13 Share Posted March 13 (edited) This is happening when downloading a manual update from within the AdminCP. This is Edge reporting it. Windows Defender log: Edited March 13 by Hexsplosions Link to comment Share on other sites More sharing options...
Marc Stridgen Posted March 13 Share Posted March 13 Seems there is an issue with its detection there Link to comment Share on other sites More sharing options...
Hexsplosions Posted March 13 Share Posted March 13 I downloaded the update using curl, but some Edge users may struggle. Link to comment Share on other sites More sharing options...
Nathan Explosion Posted March 13 Share Posted March 13 If you are using Windows Defender then report it as a false positive back to Microsoft: https://www.microsoft.com/en-us/wdsi/filesubmission/ Marc Stridgen, Daniel F and Jim M 2 1 Link to comment Share on other sites More sharing options...
Hexsplosions Posted March 13 Share Posted March 13 1 hour ago, Nathan Explosion said: If you are using Windows Defender then report it as a false positive back to Microsoft: https://www.microsoft.com/en-us/wdsi/filesubmission/ Windows Defender blocks the file from being downloaded, so there's nothing to submit. I've mentioned it only for awareness - I don't plan to do anything more with this. Link to comment Share on other sites More sharing options...
Murmel Posted March 13 Share Posted March 13 I can not update automatically or download the update file because of this Trojan inside. I should do an update because of security reasons and then my defender is telling me in your update is a Trojan which I should ignore? No way! Please team check your update files for this incident. This is your job. 18 hours ago, Kirill Gromov said: There is clearly some kind of error in the built-in antivirus. Why clearly? Because it's on an update server? Link to comment Share on other sites More sharing options...
Marc Stridgen Posted March 14 Share Posted March 14 10 hours ago, Murmel said: I can not update automatically or download the update file because of this Trojan inside. I should do an update because of security reasons and then my defender is telling me in your update is a Trojan which I should ignore? No way! Please team check your update files for this incident. This is your job. Why clearly? Because it's on an update server? I feel you are misunderstanding here. There is no trojan within the package. Windows defender is falsely identifying it as something it isnt. We have no control in any way over windows defender. Its also not just coming up with our software, but a number of other downloadable items, and some 3rd party authors have been seeing the same. Link to comment Share on other sites More sharing options...
Recommended Posts