top of page

False Virus Flagging

Writer's picture: SunJeongSunJeong

Hey everyone,


just wanted to write this because I've been noticing an increase in false positives for viruses in some of my mod files. I noticed that it's not just mods; if I package a zip archive of just images, it's been getting flagged as a virus as well.


TL;DR: My files don't have viruses, guaranteed. If you're being prevented from downloading and installing the mod, please temporarily disable your anti-virus but don't forget to RE-ENABLE once you have the mod downloaded. In addition, I won't be re-uploading files to fix a "ghost" issue. Re-uploading takes A LOT of my time because my re-upload speeds are bad and I have to re-upload for MediaFire, Google Drive, and MEGA.


You are free to use any external program to scan and verify that the file is cleaned by the way.


As an explanation (credit to Sun Rider for the information), Windows Defender has been struggling to correctly identify false positives, especially with zipped files. Windows Defender uses machine learning to detect threats, and it does this by looking for patterns in data. If you change it even little, then Windows Defender may not be able to recognize it as the same software anymore. This is because the patterns in the data have changed. As a result, Windows Defender may flag the zipped software as a threat, even if it is not actually a threat. This is known as a false positive. If receiving a "Trojan:Script/Wacatac.H!ml alert" it is likely due to Windows Defender not being able to recognize the compressed file. Compressed files can change the patterns in the data that Windows Defender uses to detect threats.


I've been hearing about other authors having the same issue. Not sure if it's something that will eventually be fixed by Microsoft but it looks like someone has already submitted a ticket explaining the issue and even submitted their own mod to see why it's being flagged.


Anyway I just wanted to quickly write this post just to ease some of the concerns for the people that were getting the virus alerts for my mod. Feel safe to download them.

3,799 views7 comments

7件のコメント


Sun Rider
Sun Rider
2024年6月15日

Attention attention everyone! 😏

For those wondering and concerned about Sun, she is currently occupied with many personal matters that require her attention (IRL stuff), which can't be mentioned here as it's related to her private life. But I can say that Sun is doing well and happy, so there's no need to worry.


She'll share more details about the modding situation as things progress


編集済み
いいね!

Rec X
Rec X
2024年6月14日

havnt seen Sunjeong in a while hope shes doing alright

いいね!

해파리1
해파리1
2024年2月25日

There is a virus that is attracted to SunJeong.

いいね!

Victor Miles
Victor Miles
2023年10月23日

seeing that you closed commissions i am really glad i got that kuun one done

いいね!

Rainnifer
Rainnifer
2023年10月23日

Yes this has been a problem that plagues various other modders as well, I come across it quite a few times as I like to collect all the various outfit mods people create.


It is indeed a false positive and what you (the users/downloaders) can do is temporarily disable the anti-virus to download it, then you can extract the mod and delete the original zip. Then zip the mod up into a new one, this will freshly fix the zip so it won't be flagged anymore when you re-enable your anti-virus.

いいね!
bottom of page