However, as the antivirus product heuristics change from one day to another and the false detections occur very often it is really difficult for us to continuously keep all our application files whitelisted, even if we try to do all our best. We will try to contact those AV vendors and report these false positives. Those 3 in particular are super prone to false positives with steam, and have been for years.Indeed at the current time it seems the Updater tool delivered with AI 15.1 is falsely detected by 2 AV products: Rising and VBA32, while the Updater tool delivered with AI 14.5.1 is falsely detected by 4 AV products: NANO-Antivirus, VBA32, Zillya and Yandex. The only time it may not be, is if you are using the old "arg matey" and not getting your contents directly from steams website. This being said, 1/60, especially from some of the following (Zillya, Rising, Jiangmin, etc) are most certainly false positives. It's pretty easy to determine if those files contain suspicious code or not.Įven if looking at JSON is above your pay grade since JSON and Javascript are so popular it would be pretty trivial to get some reliable opinions about those files. It's just text and generally just contains data and it's pretty easy to look at the files and see if there's anything besides JSON in there. JSON is a common and popular way to structure data to provide interoperability between languages and systems. I would also say the files you've listed are JSON files. And rather than blindly trusting your AV in all cases, you're free to apply a bit more nuance and skepticism towards it. So to my mind it's much much more likely Windows Defender is being overly aggressive and conservative in this case. Valve checks all the data published to it, and the number of legitimate issues of malicious files being served to users is pretty small. Than it is to say something isn't a trojan and be wrong. But when the AV is flagging something you think may be incorrect, or is flagging something you trust, nothing is stopping you from doing some additional research to confirm or dismiss the result.Īfter all it's better for an AV to say something is a trojan and be wrong. When your AV finds something you can choose to trust it blindly. Are you aware of the possibility of false positives? Originally posted by nullable:AV's aren't infallible. So, if its those 3, which are garboware chinese AVs, simply report the files on the steam beta branch discussion forums, and it will get taken care of eventually Those 3 in particular are super prone to false positives with steam, and have been for years. If you upload your file to VT, then you can see exactly why it was detected. Steam, every once in a while, the steam.exe, steamwebhelper.exe and some of its bundled packages get flagged. It is not unheard of for AVs to pick them up. Should I do something manually now to be safer or does that count as solved?Īnd also, the bigger topic on my mind why i decided to write on this forum, how did it get there? is it a false positive? When i googled my exact problem as im writing here i didnt get any answers, and when i googled the specific malware names, i found that those can be the very dangerous malwares people get scammed with, like in emails or when downloading anything, but i swear i did not encounter any suspicious messages nor did i download anything in the recent days (the windows defender notified me 3 hours ago) I clicked to "remove" these files in the WD, but i gotta confess, i didnt get any malicious files in a long time and im not exactly sure how that works. Windows Defender found trojans (specifically Trojan:Script/Wacatac.B!ml and Trojan:Script/ObfusScript.A!ml) in this steam path: C:\xy\Steam\steamui\localization\ and then files shared_koreana-json.js, shared_thai-json.js, and shared_vietnamese-json.js
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |