Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Windows Defender alert on a dev build
#1
Hi everyone. I hope that you're all feeling good.

Well, Yesterday, I discovered a dev build of the emulator. Which was just awesome by the way... and today, I had an alert from Windows Defender.

https://imgur.com/a/ujfIw

This alert appeared few minutes after the boot of Windows.

It is very strange because I made some research about this type of ransomware which is called "Gandcrap" and as I saw this is a brand new ransomware...

A friend suggested me that this alert could be not relevant and true. A false-positive.

Thanks for the help ! Have a nice day.
Reply

Sponsored links

#2
I only run Windows Defender on my PC, but PCSX2 has never triggered a quarantine or anything.

I would run Malwarebytes on your PC before you add an exception for PCSX2

https://www.malwarebytes.com/
Reply
#3
Hello. Thanks for your reply.

Well, even if I download again this dev build (number 2284)
Windows Defender is still detecing the PCSX2.exe file as a ransomware.
But, If Malwarebytes says that this file was fully safe !
Reply
#4
Hmm, that's weird. Anyways, I submitted the exe to Microsoft so hopefully Defender won't flag it as ransomware once that's done. I would still do a full scan of your PC with MalwareBytes or SuperAntiSpyware.
Reply
#5
That's weird,only 2284 is recognized as ransomware.
2283 and 2285 are fine
Reply
#6
Bit Defender is happy with 2284
[Image: ref_sig_anim.gif]
Like our Facebook Page and visit our Facebook Group!
Reply
#7
you could figure out which byte sequence it is and compare it with the build? i mean.. that's howto solve that.
Reply
#8
MS has cleared the exe. Hopefully it won't give you any problems in the future once it gets submitted to the definitions database. Smile
Reply
#9
Well, thank you very much, CK1.

Yes, it was very strange because this problem / type of alert was here only for the 2284 build.

And yes. That's a good idea, dabore. I'm going to investigate on the byte sequence.
Because, just like you, I think that there was a problem because of a funny and similar byte sequence
between the .exe file of the 2284 build and this ransomware.

Anyway. Thank you to everyone for your help and your advices ! Have a nice day.
Reply




Users browsing this thread: 1 Guest(s)