PandaTeemo / YoloMouse

Game Cursor Changer
The Unlicense

64bit Installer in Windows 10 throws a Windows Defender alert: Win32/Clavior.B1cl signature. #7

Open sunmachine opened 7 years ago

sunmachine commented 7 years ago

Product Name: %%827
Product Version: 4.11.15063.0
Detection ID: {1ED108B0-298E-49AC-924D-4B5EF97A4B30}
Detection Time: 2017-05-13T14:47:33.680Z
Unused:
Unused2:
Threat ID: 2147712483
Threat Name: Trojan:Win32/Clavior.B!cl
Severity ID: 5
Severity Name: Severe
Category ID: 8
Category Name: Trojan
FWLink: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Clavior.B!cl&threatid=2147712483&enterprise=0
Status Code: 3
Status Description:
State: 2
Source ID: 4
Source Name: %%819
Process Name: Unknown
Detection User: SANDBOX\SandboxUser
Unused3:
Path: containerfile:_C:\Users\SandboxUser\Downloads\YoloMouse64.msi;file:_C:\Users\SandboxUser\Downloads\YoloMouse64.msi->cab1.cab->YoloMouseExe;webfile:_C:\Users\SandboxUser\Downloads\YoloMouse64.msi|https://github-cloud.s3.amazonaws.com/releases/18508220/7db9c690-300d-11e7-812a-661e5fbbd6aa.msi?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAISTNZFOVBIJMK3TQ%2F20170513%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20170513T144725Z&X-Amz-Expires=300&X-Amz-Signature=574d7f8e6631302a2ae6e202f1c33eb2cb87525931c90127dd63bd6b7a4c1301&X-Amz-SignedHeaders=host&actor_id=2231775&response-content-disposition=attachment%3B%20filename%3DYoloMouse64.msi&response-content-type=application%2Foctet-stream|chrome.exe
Origin ID: 4
Origin Name: %%847
Execution ID: 0
Execution Name: %%812
Type ID: 8
Type Name: %%862
Pre Execution Status: 0
Action ID: 2
Action Name: %%809
Unused4:
Error Code: 0x80508023
Error Description: The program could not find the malware and other potentially unwanted software on this device.
Unused5:
Post Clean Status: 0
Additional Actions ID: 0
Additional Actions String: No additional actions required
Remediation User: NT AUTHORITY\SYSTEM
Unused6:
Signature Version: AV: 1.243.303.0, AS: 1.243.303.0, NIS: 116.88.0.0
Engine Version: AM: 1.1.13704.0, NIS: 2.1.12706.0
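
When triaging a detection like the one reported above, splitting the Path field into its resources shows which member inside the installer was flagged and where the file came from. This is an added example, not part of the original thread or the YoloMouse project; the `scheme:_path`, `->` nesting and `path|url|process` layouts are assumptions inferred from the reported line, and the embedded sample uses a placeholder URL.

```python
import re
from urllib.parse import urlsplit

# Constructed sample modelled on the Path field in the report above; the
# download URL is a placeholder, not the one from the original event.
SAMPLE_PATH = (
    r"containerfile:_C:\Users\SandboxUser\Downloads\YoloMouse64.msi;"
    r"file:_C:\Users\SandboxUser\Downloads\YoloMouse64.msi->cab1.cab->YoloMouseExe;"
    r"webfile:_C:\Users\SandboxUser\Downloads\YoloMouse64.msi"
    r"|https://downloads.example.invalid/releases/YoloMouse64.msi"
    r"?X-Amz-Expires=300&X-Amz-Signature=PLACEHOLDER|chrome.exe"
)

def parse_defender_path(path_field):
    """Split a Defender 'Path' value into one dict per resource entry."""
    resources = []
    # Split only on ';' that starts a new 'scheme:_' entry, so a ';' inside
    # a file name or URL does not break an entry in two.
    for entry in re.split(r";(?=[A-Za-z]+:_)", path_field.strip()):
        scheme, sep, rest = entry.partition(":_")
        if not sep:
            resources.append({"scheme": "unknown", "raw": entry})
            continue
        item = {"scheme": scheme}
        if scheme == "webfile":
            # Assumed layout, inferred from the sample: path|url|process
            parts = rest.split("|")
            rest = parts[0]
            if len(parts) > 1:
                u = urlsplit(parts[1])
                # Drop the query string: presigned parameters are not needed
                # to identify the download origin.
                item["url"] = f"{u.scheme}://{u.netloc}{u.path}"
            if len(parts) > 2:
                item["process"] = parts[2]
        # '->' separates the outer file from members nested inside it
        outer, *members = rest.split("->")
        item["file"] = outer
        item["members"] = members
        resources.append(item)
    return resources

def flagged_members(path_field):
    """Return (outer file, innermost member) for detections inside a container."""
    return [(r["file"], r["members"][-1])
            for r in parse_defender_path(path_field) if r.get("members")]
```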

sunmachine commented 7 years ago

Another note: this does not happen on the 0.9.0 32-bit installer. You may want to shuffle a bit to fix the signature collision.

PandaTeemo commented 7 years ago

Windows Defender false positives half my updates. I can't really control it; even if I recompile it to make it happy one time, it'll update itself with new signatures and get angry another time. It's a very bipolar antivirus.

On Sat, May 13, 2017 at 10:08 AM, Dan Peavey notifications@github.com wrote:

Another note: this does not happen on the 0.9.0 32-bit installer. You may want to shuffle a bit to fix the signature collision.


sunmachine commented 7 years ago

True that.