Raicuparta / rai-pal

Mod manager for universal game mods
https://raicuparta.com/rai-pal
GNU General Public License v3.0

Windows recognizing new version as a virus #145

Closed paszqa closed 9 months ago

paszqa commented 9 months ago

Hi,

After updating 0.4.x to 0.5.4, I managed to run it once and after that "Rai Pal.exe" got removed. I tried uninstalling and reinstalling it to different locations:

- default one - C:/Program Files/Rai Pal/
- custom one - H:/Stuff/RaiPal/

with same effect - the .exe appears there for a moment, but has no icon and returns an error when trying to run it. After a couple of seconds it's removed.

A workaround is to restore the files from the detection history of Windows Defender, but I guess it might happen again after an update, when the file's hash changes.

Hope that helps, Cheers!

Raicuparta commented 9 months ago

Thanks for the report. This is really annoying. Gonna try to submit it to Microsoft as a false positive, yet again.

Raicuparta commented 9 months ago

I think this might be it? It's what happens when WebView2 fails to repair itself, and Rai Pal tries to open the Microsoft webpage for downloading WebView2. Apparently it doesn't like that. But it's complaining about a thing that Windows does, which is going from this command:

cmd /c start "" "https://developer.microsoft.com/microsoft-edge/webview2#download"

to this one:

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-features=OptimizationGuideModelDownloading,OptimizationHintsFetching,OptimizationTargetPrediction,OptimizationHints --start-maximized --load-extension=C:\Windows\crx --single-argument https://developer.microsoft.com/microsoft-edge/webview2#download

So why don't you go flag yourself, Microsoft :)

Raicuparta commented 9 months ago

Here's the VirusTotal report: https://www.virustotal.com/gui/file/d6dc608585e690251f26304438a4a4bda357d68ff7383e50f06bd596d8706764

Not showing Microsoft there though.

m8t88 commented 9 months ago

I have the same issue, which makes using Rai Pal unreliable, which is a shame. Is there a way to temporarily disable the WebView2 download invocation until the issue gets whitelisted by Microsoft? I imagine they might take a while.

Raicuparta commented 9 months ago

I'm releasing update 0.5.5 now, which hopefully helps, but it's hard to tell with these things.

Raicuparta commented 9 months ago

I think it's worse now lol

peteostro commented 9 months ago

Installed the new update using the updater and it installed fine. Then I scanned the program folder with Windows Defender and found no malware/virus, so we might be good now. Is it possible to sign the installer? That might stop future issues.

jack5github commented 9 months ago

This is still an issue. I am using Kaspersky anti-virus and I attempted to install the UEVR mod, but this caused the entire application to be deleted by my anti-virus. Below is the log of the actions the anti-virus took.


Event: Object deleted
Application: Windows® installer
User: DESKTOP-U532SAT\Owner
User type: Initiator
Component: System Watcher
Result description: Deleted
Type: Trojan
Name: PDM:Trojan.Win32.Generic
Threat level: High
Object type: Process
Object path: C:\Users\Owner\Downloads
Object name: Rai.Pal_0.5.5_x64_en-US.msi
MD5: BFFCE00E1B404C115755D12F0988F3FA

Raicuparta commented 9 months ago

Up-to-date VirusTotal URL for future reference: https://www.virustotal.com/gui/file/33c0ca7926dd0c051f7b404ea0ce43d5938819a687ba472d7535573d139db595
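
An added example, not part of the thread or of Rai Pal's code: a PowerShell check to run on a flagged file before restoring it from Windows Defender's detection history, the workaround described in the first comment. It compares the file with the hashes quoted in this thread, reports its Authenticode signature status (the signing question raised above), and lists matching Defender detections; the `$Path` parameter and the labels are assumptions made for this example.

```powershell
param(
    # Hypothetical parameter: the restored "Rai Pal.exe" or the downloaded .msi.
    [Parameter(Mandatory)] [string] $Path
)

# Reference hashes quoted in this thread. The thread does not say which build
# each SHA-256 belongs to; replace them with the value published for the
# release you actually downloaded. MD5 is kept only because the Kaspersky log
# records the installer that way.
$known = @{
    'd6dc608585e690251f26304438a4a4bda357d68ff7383e50f06bd596d8706764' = 'first VirusTotal link (SHA-256)'
    '33c0ca7926dd0c051f7b404ea0ce43d5938819a687ba472d7535573d139db595' = 'second VirusTotal link (SHA-256)'
    'bffce00e1b404c115755d12f0988f3fa' = 'Kaspersky log, Rai.Pal_0.5.5_x64_en-US.msi (MD5)'
}

$file   = Get-Item -LiteralPath $Path -ErrorAction Stop
$sha256 = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash.ToLower()
$md5    = (Get-FileHash -LiteralPath $file.FullName -Algorithm MD5).Hash.ToLower()
$match  = @($sha256, $md5) | Where-Object { $known.ContainsKey($_) } |
          ForEach-Object { $known[$_] }

# An unsigned binary reports NotSigned; a tampered signed one reports HashMismatch.
$sig = Get-AuthenticodeSignature -LiteralPath $file.FullName

# Defender's own detection history for this path. Other antivirus products
# (such as the Kaspersky install in this thread) keep separate logs.
# The Defender cmdlets may need an elevated prompt.
$detections = @()
if (Get-Command Get-MpThreatDetection -ErrorAction SilentlyContinue) {
    $detections = @(Get-MpThreatDetection |
        Where-Object { $_.Resources -match [regex]::Escape($file.FullName) } |
        ForEach-Object {
            [pscustomobject]@{
                Detected = $_.InitialDetectionTime
                Threat   = (Get-MpThreat -ThreatID $_.ThreatID -ErrorAction SilentlyContinue).ThreatName
                Process  = $_.ProcessName
            }
        })
}

[pscustomobject]@{
    File               = $file.FullName
    Sha256             = $sha256
    Md5                = $md5
    MatchesReference   = if ($match) { $match -join '; ' } else { 'no match: verify the download source before restoring' }
    SignatureStatus    = $sig.Status
    Signer             = $sig.SignerCertificate.Subject
    DefenderDetections = $detections.Count
} | Format-List
$detections | Format-Table -AutoSize
```

A hash match only shows the file is the same one that was scanned on VirusTotal; because each release has a new hash, the reference values need updating with every version.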