search

VidYen / VidYen-WordPress-Plugins

VidYen Plugins for WordPress
GNU General Public License v2.0
9 stars 2 forks source link

Trojan:Script/Cloxer.A!cl #87

Closed VidYen closed 5 years ago

VidYen commented 5 years ago

I'm getting a false positive on even adscend PHP files with latest Windows Defender 10 update.

Although it is unlikely my WordPress users will ever have the php files locally, but people on GitHub may be more likely to so I am making them aware that I am getting:

Trojan:Script/Cloxer.A!cl

On several files. Some which have nothing to do with crypto or browser mininers.

This may encourage me to continue the wording switching of "Miner" to "Worker"

And maybe even "crypto currency" to "digital Currency" etc etc (to be fair... XRP is a digital currency as it has neither crypto nor decentralization)

Anyways... Beyond those wording changes... I submitted it to Microsoft as a false positive since they do this with other people's software all the time (including declaring Amazon Music helper a virus).

I did a scan of the files with Malwarebytes and Hitman Pro because I am paranoid even though GitHub and Atom claim that where no files changes recently and I don't see anything abnormal with my code.

More of an FYI.

VidYen commented 5 years ago

Tree View vidyen-point-system-vyps.php / Not malware Not malware Cloud Not malware Client No malware detected No malware detected Online 1.275.1134.0

Microsoft got back with and said these files have no malware in them, but will take no action... face palm

VidYen commented 5 years ago

I'm not 100% sure, but I think Defender has gotten over this since I reported it as a false positive since its not screaming anymore about my temp directory, but I will have to do a scan later when I'm less irritated at it.

VidYen commented 5 years ago

I spent too much time on this today think it was resolved, but it was not. Appears to be something related with Atom. Notepadd++ seems fine, but Windows Defender gets angry with the whole thing.

On a side note... I did mess around with ClamAV and scanned the entire repository via a NIX based machine and said everything was fine. Malwarebytes still doesn't complain. Oh and if the files are copied and then scanned without Atom messing with it, then it seems to not care.

Just annoying to me.

VidYen commented 5 years ago

I believe this might have had something to do with Google Backup & Sync. On new install. No longer getting issue. Closing.