top of page

False Virus Flagging

Hey everyone,


just wanted to write this because I've been noticing an increase in false positives for viruses in some of my mod files. I noticed that it's not just mods; if I package a zip archive of just images, it's been getting flagged as a virus as well.


TL;DR: My files don't have viruses, guaranteed. If you're being prevented from downloading and installing the mod, please temporarily disable your anti-virus but don't forget to RE-ENABLE once you have the mod downloaded. In addition, I won't be re-uploading files to fix a "ghost" issue. Re-uploading takes A LOT of my time because my re-upload speeds are bad and I have to re-upload for MediaFire, Google Drive, and MEGA.


You are free to use any external program to scan and verify that the file is cleaned by the way.


As an explanation (credit to Sun Rider for the information), Windows Defender has been struggling to correctly identify false positives, especially with zipped files. Windows Defender uses machine learning to detect threats, and it does this by looking for patterns in data. If you change it even little, then Windows Defender may not be able to recognize it as the same software anymore. This is because the patterns in the data have changed. As a result, Windows Defender may flag the zipped software as a threat, even if it is not actually a threat. This is known as a false positive. If receiving a "Trojan:Script/Wacatac.H!ml alert" it is likely due to Windows Defender not being able to recognize the compressed file. Compressed files can change the patterns in the data that Windows Defender uses to detect threats.


I've been hearing about other authors having the same issue. Not sure if it's something that will eventually be fixed by Microsoft but it looks like someone has already submitted a ticket explaining the issue and even submitted their own mod to see why it's being flagged.


Anyway I just wanted to quickly write this post just to ease some of the concerns for the people that were getting the virus alerts for my mod. Feel safe to download them.

2,712 views7 comments

7 Comments


Sun Rider
Sun Rider
Jun 15

Attention attention everyone! 😏

For those wondering and concerned about Sun, she is currently occupied with many personal matters that require her attention (IRL stuff), which can't be mentioned here as it's related to her private life. But I can say that Sun is doing well and happy, so there's no need to worry.


She'll share more details about the modding situation as things progress


Like

Rec X
Rec X
Jun 14

havnt seen Sunjeong in a while hope shes doing alright

Like


There is a virus that is attracted to SunJeong.

Like

Victor Miles
Victor Miles
Oct 23, 2023

seeing that you closed commissions i am really glad i got that kuun one done

Like

Rainnifer
Rainnifer
Oct 23, 2023

Yes this has been a problem that plagues various other modders as well, I come across it quite a few times as I like to collect all the various outfit mods people create.


It is indeed a false positive and what you (the users/downloaders) can do is temporarily disable the anti-virus to download it, then you can extract the mod and delete the original zip. Then zip the mod up into a new one, this will freshly fix the zip so it won't be flagged anymore when you re-enable your anti-virus.

Like
bottom of page