[Bug] Marked as a virus by Defender and other anti-viruses?

pnxl commented 5 months ago

Current Behaviour

Controlify gets flagged as a virus that can execute commands from an attacker.

Expected Behaviour

not be flagged lmao

Screenshots

Reproduction Steps

download

Logs

No response

Mod Version

2.0.0-beta.2

Controller

No response

Bluetooth

[ ] Yes

Operating System

Windows

ARM

[ ] Yes

Additional Information

2.0.0-beta.2+24w14potato.jar VirusTotal hash: https://www.virustotal.com/gui/file-analysis/OTc3YjIzMGE0NGRmZjU1MTIwYzZiY2I2ZWRlZjJlOGI6MTcxMjkwNzUwNQ==

2.0.0-beta.2+1.20.4. VirusTotal hash: https://www.virustotal.com/gui/file/b7e129766e3dbfd6fbf93ae7cfc568c5a43001479617024a4fb5371003ecb240

Just to make sure...

[X] I have made sure I am using the latest version of Controlify for the latest version of Minecraft.
[X] I have made sure there are no other issues describing the same problem on the issue tracker.

isXander commented 5 months ago

This is a false positive, you can safely use controlify.

meridianrealms commented 5 months ago

Also receiving this with windows defender as of this morning. Wasn't being flagged about 12 hours ago.

ManuFlosoYT commented 5 months ago

Incompatible mods found!
net.fabricmc.loader.impl.FormattedException: net.fabricmc.loader.impl.discovery.ModResolutionException: Mod discovery failed!
    at net.fabricmc.loader.impl.FormattedException.ofLocalized(FormattedException.java:63)
    at net.fabricmc.loader.impl.FabricLoaderImpl.load(FabricLoaderImpl.java:197)
    at net.fabricmc.loader.impl.launch.knot.Knot.init(Knot.java:146)
    at net.fabricmc.loader.impl.launch.knot.Knot.launch(Knot.java:68)
    at net.fabricmc.loader.impl.launch.knot.KnotClient.main(KnotClient.java:23)
Caused by: net.fabricmc.loader.impl.discovery.ModResolutionException: Mod discovery failed!
    at net.fabricmc.loader.impl.discovery.ModDiscoverer.lambda$discoverMods$1(ModDiscoverer.java:147)
    at net.fabricmc.loader.impl.util.ExceptionUtil.gatherExceptions(ExceptionUtil.java:33)
    at net.fabricmc.loader.impl.discovery.ModDiscoverer.discoverMods(ModDiscoverer.java:147)
    at net.fabricmc.loader.impl.FabricLoaderImpl.setup(FabricLoaderImpl.java:215)
    at net.fabricmc.loader.impl.FabricLoaderImpl.load(FabricLoaderImpl.java:192)
    ... 3 more
Caused by: java.lang.RuntimeException: java.lang.RuntimeException: Error analyzing [D:\Minecraft\ATLauncher\instances\FabulouslyOptimized\mods\Controlify-2.0.0-beta.2+1.20.4.jar]: java.io.FileNotFoundException: D:\Minecraft\ATLauncher\instances\FabulouslyOptimized\mods\Controlify-2.0.0-beta.2+1.20.4.jar (No se pudo completar la operación porque el archivo contiene un virus o software potencialmente no deseado)
    at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:77)
    at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
    at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:499)
    at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:480)
    at java.base/java.util.concurrent.ForkJoinTask.getThrowableException(ForkJoinTask.java:562)
    at java.base/java.util.concurrent.ForkJoinTask.reportExecutionException(ForkJoinTask.java:604)
    at java.base/java.util.concurrent.ForkJoinTask.get(ForkJoinTask.java:981)
    at net.fabricmc.loader.impl.discovery.ModDiscoverer.discoverMods(ModDiscoverer.java:144)
    ... 5 more
Caused by: java.lang.RuntimeException: Error analyzing [D:\Minecraft\ATLauncher\instances\FabulouslyOptimized\mods\Controlify-2.0.0-beta.2+1.20.4.jar]: java.io.FileNotFoundException: D:\Minecraft\ATLauncher\instances\FabulouslyOptimized\mods\Controlify-2.0.0-beta.2+1.20.4.jar (No se pudo completar la operación porque el archivo contiene un virus o software potencialmente no deseado)
    at net.fabricmc.loader.impl.discovery.ModDiscoverer$ModScanTask.compute(ModDiscoverer.java:288)
    at net.fabricmc.loader.impl.discovery.ModDiscoverer$ModScanTask.compute(ModDiscoverer.java:237)
    at java.base/java.util.concurrent.RecursiveTask.exec(RecursiveTask.java:100)
    at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:373)
    at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1182)
    at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1655)
    at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1622)
    at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:165)
Caused by: java.io.FileNotFoundException: D:\Minecraft\ATLauncher\instances\FabulouslyOptimized\mods\Controlify-2.0.0-beta.2+1.20.4.jar (No se pudo completar la operación porque el archivo contiene un virus o software potencialmente no deseado)
    at java.base/java.io.RandomAccessFile.open0(Native Method)
    at java.base/java.io.RandomAccessFile.open(RandomAccessFile.java:344)
    at java.base/java.io.RandomAccessFile.<init>(RandomAccessFile.java:259)
    at java.base/java.io.RandomAccessFile.<init>(RandomAccessFile.java:213)
    at java.base/java.util.zip.ZipFile$Source.<init>(ZipFile.java:1442)
    at java.base/java.util.zip.ZipFile$Source.get(ZipFile.java:1407)
    at java.base/java.util.zip.ZipFile$CleanableResource.<init>(ZipFile.java:716)
    at java.base/java.util.zip.ZipFile.<init>(ZipFile.java:250)
    at java.base/java.util.zip.ZipFile.<init>(ZipFile.java:179)
    at java.base/java.util.zip.ZipFile.<init>(ZipFile.java:193)
    at net.fabricmc.loader.impl.discovery.ModDiscoverer$ModScanTask.computeJarFile(ModDiscoverer.java:309)
    at net.fabricmc.loader.impl.discovery.ModDiscoverer$ModScanTask.compute(ModDiscoverer.java:278)
    ... 7 more

I cant even open the game, Fabric will instantly crash and return this along with a Microsoft Defender message

dmx0987654321 commented 5 months ago

I have the same problem. I cannot "safely use Controlify" no matter how hard I try, because Fabric will not launch the game with it installed. I only got it to launch after Windows Defender quarantined the file and it was no longer being accessed by Fabric.

aquahonoredhi commented 5 months ago

I am also having this issue. it was working fine moments ago, until my game crashed and it now gets flagged as a virus

Fsuiopmn commented 5 months ago

this happened to me too, didnt really know i had this mod lmao but i had to remove it to even play mc even though im about 99% certain its not a trojan, also started happening recently

AnnsAnns commented 5 months ago

Looks like controllify became the victim of the Microsoft Defender wrath in a really annoying way, it completely broke my modpack too

isXander commented 5 months ago

You can make an exemption to the mod file to allow your game to load.

isXander commented 5 months ago

I have submitted a false positive to Windows Defender and the detection has now been removed. Here are the steps to make sure your malware definitions are up-to-date (taken from the submission portal):

Open command prompt as administrator and change directory to C:\Program Files\Windows Defender
Run MpCmdRun.exe -removedefinitions -dynamicsignatures
Run MpCmdRun.exe -SignatureUpdate

Alternatively, the latest definition is available for download here: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus

michallipka commented 4 days ago

Hi. It is still marked as a virus Trojan by some antivirus engines (see https://www.virustotal.com/gui/file/b7e129766e3dbfd6fbf93ae7cfc568c5a43001479617024a4fb5371003ecb240). Could you reach out to them as well?

isXander / Controlify