kmk Posted March 12 Posted March 12 Trojan:Script/Wacatac.B!ml That virus is real? I try to donwload a ips 3party app, my windows defender block that file... https://invisiondevs.com/files/file/24-post-donations/
Daniel F Posted March 12 Posted March 12 Interesting. A client reported the same trojan being present in one of my files, but none of my online scanners could find it. Did Edge report the trojan or another scanner? It seems that all kinds of tar files are false positive reported, see also https://community.home-assistant.io/t/trojan-in-download-full-backup-false-positive-windows-defender/700323/6
kmk Posted March 13 Author Posted March 13 7 hours ago, Daniel F said: It seems that all kinds of tar files are false positive reported In my case, only that file was labeled as contains a virus, all others tar files, from the same dev and from anothers ips 3party sites without that problem.
Solution Kirill Gromov Posted March 13 Solution Posted March 13 There is clearly some kind of error in the built-in antivirus.
Hexsplosions Posted March 13 Posted March 13 (edited) This is happening when downloading a manual update from within the AdminCP. This is Edge reporting it. Windows Defender log: Edited March 13 by Hexsplosions
Hexsplosions Posted March 13 Posted March 13 I downloaded the update using curl, but some Edge users may struggle.
Nathan Explosion Posted March 13 Posted March 13 If you are using Windows Defender then report it as a false positive back to Microsoft: https://www.microsoft.com/en-us/wdsi/filesubmission/ Jim M, Daniel F and Marc 2 1
Hexsplosions Posted March 13 Posted March 13 1 hour ago, Nathan Explosion said: If you are using Windows Defender then report it as a false positive back to Microsoft: https://www.microsoft.com/en-us/wdsi/filesubmission/ Windows Defender blocks the file from being downloaded, so there's nothing to submit. I've mentioned it only for awareness - I don't plan to do anything more with this.
Murmel Posted March 13 Posted March 13 I can not update automatically or download the update file because of this Trojan inside. I should do an update because of security reasons and then my defender is telling me in your update is a Trojan which I should ignore? No way! Please team check your update files for this incident. This is your job. 18 hours ago, Kirill Gromov said: There is clearly some kind of error in the built-in antivirus. Why clearly? Because it's on an update server?
Marc Posted March 14 Posted March 14 10 hours ago, Murmel said: I can not update automatically or download the update file because of this Trojan inside. I should do an update because of security reasons and then my defender is telling me in your update is a Trojan which I should ignore? No way! Please team check your update files for this incident. This is your job. Why clearly? Because it's on an update server? I feel you are misunderstanding here. There is no trojan within the package. Windows defender is falsely identifying it as something it isnt. We have no control in any way over windows defender. Its also not just coming up with our software, but a number of other downloadable items, and some 3rd party authors have been seeing the same.
Recommended Posts