[Bug] Marked as a virus by Defender and other anti-viruses?
pnxl opened this issue 路 10 comments
Current Behaviour
Controlify gets flagged as a virus that can execute commands from an attacker.
Expected Behaviour
not be flagged lmao
Screenshots
Reproduction Steps
- download
Logs
No response
Mod Version
2.0.0-beta.2
Controller
No response
Bluetooth
- Yes
Operating System
Windows
ARM
- Yes
Additional Information
2.0.0-beta.2+24w14potato.jar VirusTotal hash: https://www.virustotal.com/gui/file-analysis/OTc3YjIzMGE0NGRmZjU1MTIwYzZiY2I2ZWRlZjJlOGI6MTcxMjkwNzUwNQ==
2.0.0-beta.2+1.20.4. VirusTotal hash: https://www.virustotal.com/gui/file/b7e129766e3dbfd6fbf93ae7cfc568c5a43001479617024a4fb5371003ecb240
Just to make sure...
- I have made sure I am using the latest version of Controlify for the latest version of Minecraft.
- I have made sure there are no other issues describing the same problem on the issue tracker.
Also receiving this with windows defender as of this morning. Wasn't being flagged about 12 hours ago.
Incompatible mods found!
net.fabricmc.loader.impl.FormattedException: net.fabricmc.loader.impl.discovery.ModResolutionException: Mod discovery failed!
at net.fabricmc.loader.impl.FormattedException.ofLocalized(FormattedException.java:63)
at net.fabricmc.loader.impl.FabricLoaderImpl.load(FabricLoaderImpl.java:197)
at net.fabricmc.loader.impl.launch.knot.Knot.init(Knot.java:146)
at net.fabricmc.loader.impl.launch.knot.Knot.launch(Knot.java:68)
at net.fabricmc.loader.impl.launch.knot.KnotClient.main(KnotClient.java:23)
Caused by: net.fabricmc.loader.impl.discovery.ModResolutionException: Mod discovery failed!
at net.fabricmc.loader.impl.discovery.ModDiscoverer.lambda$discoverMods$1(ModDiscoverer.java:147)
at net.fabricmc.loader.impl.util.ExceptionUtil.gatherExceptions(ExceptionUtil.java:33)
at net.fabricmc.loader.impl.discovery.ModDiscoverer.discoverMods(ModDiscoverer.java:147)
at net.fabricmc.loader.impl.FabricLoaderImpl.setup(FabricLoaderImpl.java:215)
at net.fabricmc.loader.impl.FabricLoaderImpl.load(FabricLoaderImpl.java:192)
... 3 more
Caused by: java.lang.RuntimeException: java.lang.RuntimeException: Error analyzing [D:\Minecraft\ATLauncher\instances\FabulouslyOptimized\mods\Controlify-2.0.0-beta.2+1.20.4.jar]: java.io.FileNotFoundException: D:\Minecraft\ATLauncher\instances\FabulouslyOptimized\mods\Controlify-2.0.0-beta.2+1.20.4.jar (No se pudo completar la operaci贸n porque el archivo contiene un virus o software potencialmente no deseado)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:499)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:480)
at java.base/java.util.concurrent.ForkJoinTask.getThrowableException(ForkJoinTask.java:562)
at java.base/java.util.concurrent.ForkJoinTask.reportExecutionException(ForkJoinTask.java:604)
at java.base/java.util.concurrent.ForkJoinTask.get(ForkJoinTask.java:981)
at net.fabricmc.loader.impl.discovery.ModDiscoverer.discoverMods(ModDiscoverer.java:144)
... 5 more
Caused by: java.lang.RuntimeException: Error analyzing [D:\Minecraft\ATLauncher\instances\FabulouslyOptimized\mods\Controlify-2.0.0-beta.2+1.20.4.jar]: java.io.FileNotFoundException: D:\Minecraft\ATLauncher\instances\FabulouslyOptimized\mods\Controlify-2.0.0-beta.2+1.20.4.jar (No se pudo completar la operaci贸n porque el archivo contiene un virus o software potencialmente no deseado)
at net.fabricmc.loader.impl.discovery.ModDiscoverer$ModScanTask.compute(ModDiscoverer.java:288)
at net.fabricmc.loader.impl.discovery.ModDiscoverer$ModScanTask.compute(ModDiscoverer.java:237)
at java.base/java.util.concurrent.RecursiveTask.exec(RecursiveTask.java:100)
at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:373)
at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1182)
at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1655)
at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1622)
at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:165)
Caused by: java.io.FileNotFoundException: D:\Minecraft\ATLauncher\instances\FabulouslyOptimized\mods\Controlify-2.0.0-beta.2+1.20.4.jar (No se pudo completar la operaci贸n porque el archivo contiene un virus o software potencialmente no deseado)
at java.base/java.io.RandomAccessFile.open0(Native Method)
at java.base/java.io.RandomAccessFile.open(RandomAccessFile.java:344)
at java.base/java.io.RandomAccessFile.<init>(RandomAccessFile.java:259)
at java.base/java.io.RandomAccessFile.<init>(RandomAccessFile.java:213)
at java.base/java.util.zip.ZipFile$Source.<init>(ZipFile.java:1442)
at java.base/java.util.zip.ZipFile$Source.get(ZipFile.java:1407)
at java.base/java.util.zip.ZipFile$CleanableResource.<init>(ZipFile.java:716)
at java.base/java.util.zip.ZipFile.<init>(ZipFile.java:250)
at java.base/java.util.zip.ZipFile.<init>(ZipFile.java:179)
at java.base/java.util.zip.ZipFile.<init>(ZipFile.java:193)
at net.fabricmc.loader.impl.discovery.ModDiscoverer$ModScanTask.computeJarFile(ModDiscoverer.java:309)
at net.fabricmc.loader.impl.discovery.ModDiscoverer$ModScanTask.compute(ModDiscoverer.java:278)
... 7 more
I cant even open the game, Fabric will instantly crash and return this along with a Microsoft Defender message
I have the same problem. I cannot "safely use Controlify" no matter how hard I try, because Fabric will not launch the game with it installed. I only got it to launch after Windows Defender quarantined the file and it was no longer being accessed by Fabric.
I am also having this issue. it was working fine moments ago, until my game crashed and it now gets flagged as a virus
this happened to me too, didnt really know i had this mod lmao but i had to remove it to even play mc even though im about 99% certain its not a trojan, also started happening recently
Looks like controllify became the victim of the Microsoft Defender wrath in a really annoying way, it completely broke my modpack too
I have submitted a false positive to Windows Defender and the detection has now been removed.
Here are the steps to make sure your malware definitions are up-to-date (taken from the submission portal):
- Open command prompt as administrator and change directory to
C:\Program Files\Windows Defender
- Run
MpCmdRun.exe -removedefinitions -dynamicsignatures
- Run
MpCmdRun.exe -SignatureUpdate
Alternatively, the latest definition is available for download here: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus