Virus in ScummVM Tools 2.2.0 - Windows 32bit zipfile?

Ask for help with ScummVM problems

Moderator: ScummVM Team

Post Reply
fac
Posts: 92
Joined: Wed Jun 07, 2006 3:19 pm

Virus in ScummVM Tools 2.2.0 - Windows 32bit zipfile?

Post by fac »

Is this a false positive?

I downloaded today scummvm-tools-2.2.0-win32.zip. Windows defender detected Trojan:Win32/Zpevdo.B
User avatar
rootfather
ScummVM Lead
Posts: 182
Joined: Tue Mar 31, 2015 11:59 am
Location: Germany
Contact:

Re: Virus in ScummVM Tools 2.2.0 - Windows 32bit zipfile?

Post by rootfather »

Yeah, it looks like Windows Defender is screwing around again.

Is submitted the file for further analysis, but unfortunately, they are sometimes very slow with cleaning up their mess.

Everything "screams" false positive here. I uploaded the file to Virustotal, and there was an older check still in place with 0 detections. Then I retested the file with the exact same MD5 sum (so it's impossible that the file was tinkered after the initial upload), and now two engines are detecting a thread here - but none of the reputable antivirus engines detects it.
User avatar
rootfather
ScummVM Lead
Posts: 182
Joined: Tue Mar 31, 2015 11:59 am
Location: Germany
Contact:

Re: Virus in ScummVM Tools 2.2.0 - Windows 32bit zipfile?

Post by rootfather »

Follow up: The Microsoft Defender team reviewed the submitted files and removed the wrong detection entries on there end.

In case you don't have the latest malware definition files, you can update them manually:

1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
3. Run "MpCmdRun.exe -SignatureUpdate"

Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions
Post Reply