2024.03.19 = Trojan:Win32/Wacatac.B!ml (Win11) #8
Comments
|
It is a false positive. I too encountered it myself when it was released. I was testing if the download URL was working. It happens all the time to open source projects.
It wouldn't matter. Antivirus programs will extract .zip files (or any archive format) and inspect the contents. Otherwise how would they know if an .zip is safe or not? |
|
Thanks. Yeah, I 'm aware it's a common issue. I just thought a zip might be less likely to trigger a false positive than an executable - plus most people should be wary of running an unsigned exe.... |
Perhaps it is just me, I remember email attachments (mostly .zip files) were being flagged by antivirus commonly.
BTW, if you have 7z program installed on your computer, you can use it to extract the .exe file and you won't need to run it (the .exe). You are right about running untrusted exe. However talking from my experience, a signed exe could still be flagged by antivirus. It wouldn't be of much help in this regard. |
|
Ha, I remember back when it was a constant stream of real and false flags from email. I'm using https://github.com/M2Team/NanaZip/releases/tag/3.0.756 for ZST - the difference in compression speed is nuts compared to LZMA, and it takes care of 7z as well - although I didn't realise the exe was a self-extracting 7z at first. Perhaps a note could be added to clarify that? Thanks for your time. |
Windows (virus sigs 1.407.543.0 on Win11 beta) is quarantining https://github.com/Chocobo1/opus-tools_win32-build/releases/download/2024.03.19/opus-tools.exe as Trojan:Win32/Wacatac.B!ml
But VirusTotal reports clean.
The extracted files are reported clean by Windows. Perhaps future releases could be packaged in a zip rather than an exe to maybe avoid this?
The text was updated successfully, but these errors were encountered: