PKHeX Wacatac.H!ml virus

badblood08

badblood08

Active Member
OP
Newcomer
Level 2
Joined
Feb 5, 2022
Messages
37
Trophies
0
XP
178
Country
United States
I tried downloading the latest PKHeX from here: https://projectpokemon.org/home/files/file/1-pkhex/

Windows Security got this virus:
1670004007188.png

1670003920198.png


Is this a false positive virus? Should I disregard this. Please advise.

Thanks!
 
SylverReZ

SylverReZ

The planet is fine. The people are crazy.
Member
Level 29
Joined
Sep 13, 2022
Messages
7,310
Trophies
3
Location
The Wired
Website
m4x1mumrez87.neocities.org
XP
22,543
Country
United Kingdom
  • Like
Reactions: scionae, E1ite007, badblood08 and 2 others
binkinator

binkinator

Garfield’s Fitness Coach
Member
GBAtemp Patron
Level 16
Joined
Mar 29, 2021
Messages
6,511
Trophies
2
XP
6,156
Country
United States
  • Like
Reactions: badblood08 and SylverReZ
badblood08

badblood08

Active Member
OP
Newcomer
Level 2
Joined
Feb 5, 2022
Messages
37
Trophies
0
XP
178
Country
United States
M4x1mumReZ said:
Pop the file into VirusTotal or Hybrid-Analysis and it'll tell you whether if this is the case or not. Microsoft Defender generates tons of false positives, so you shouldn't worry about anything.
Click to expand...
Only 1 vendor found it as a virus
1670004273980.png

I'm not sure if this is an isolated case that can be disregarded
 
binkinator

binkinator

Garfield’s Fitness Coach
Member
GBAtemp Patron
Level 16
Joined
Mar 29, 2021
Messages
6,511
Trophies
2
XP
6,156
Country
United States
  • Like
Reactions: badblood08 and SylverReZ
halfashark

halfashark

Well-Known Member
Newcomer
Level 3
Joined
Nov 10, 2022
Messages
88
Trophies
0
XP
287
Country
Canada
no matter what i scan virustotal always has at least 1-2 vendors mark it as a false positive. i've uploaded empty archives, blank raw text documents and random images and photos and there's always at least one.

i would be more concerned if several caught it. additionally if you google the name of said malware you'll see that every single post and thread mentions it being an extremely common false positive. windows defender seems to mark benign python and c++ scripts as being infected with this quite frequently.

you're probably fine but if you're ever super paranoid maybe consider putting a linux distro on a flash drive and performing your mods on that. it wouldn't 100% protect you unless you also physically disconnected any other mountable media but it would certainly add a layer of protection and teach you some new skills.
 
linuxares

linuxares

The inadequate, autocratic beast!
Global Moderator
Level 26
Joined
Aug 5, 2007
Messages
13,371
Trophies
2
XP
18,290
Country
Sweden
halfashark said:
no matter what i scan virustotal always has at least 1-2 vendors mark it as a false positive. i've uploaded empty archives, blank raw text documents and random images and photos and there's always at least one.

i would be more concerned if several caught it. additionally if you google the name of said malware you'll see that every single post and thread mentions it being an extremely common false positive. windows defender seems to mark benign python and c++ scripts as being infected with this quite frequently.

you're probably fine but if you're ever super paranoid maybe consider putting a linux distro on a flash drive and performing your mods on that. it wouldn't 100% protect you unless you also physically disconnected any other mountable media but it would certainly add a layer of protection and teach you some new skills.
Click to expand...
PKhex doesn't work really well with Mono according to PKhex themselves.
 
halfashark

halfashark

Well-Known Member
Newcomer
Level 3
Joined
Nov 10, 2022
Messages
88
Trophies
0
XP
287
Country
Canada
linuxares said:
PKhex doesn't work really well with Mono according to PKhex themselves.
Click to expand...
Oh, wild. Windows only. How bizzare... guess it's due to their choice of language. (C#).

That's... actually really lame. Guess the 2nd best would just be a windows virtual machine with stuff like PAE/NX and shared clipboards/drag and drops disabled. That said it's most definitely a false positive but for those who are worried it's at least a way to accommodate for their concerns.

Still. Dang.
 
The Real Jdbye

The Real Jdbye

*is birb*
Member
Level 23
Joined
Mar 17, 2010
Messages
23,373
Trophies
4
Location
Space
XP
13,977
Country
Norway
badblood08 said:
Only 1 vendor found it as a virus
View attachment 341145
I'm not sure if this is an isolated case that can be disregarded
Click to expand...
Probably. Even the 1 detection is vague/heuristics and not a real detection.
It appears it's scanning the URL as a website though, rather than scanning the file. You'd get better results if you downloaded the file and manually uploaded it.
 
  • Like
Reactions: SylverReZ
Hayato213

Hayato213

Newcomer
Member
Level 28
Joined
Dec 26, 2015
Messages
20,058
Trophies
1
XP
21,219
Country
United States
W0rmy said:
No you don’t. You need common sense. Defender has been fine for ages and alerting him fine. As someone has said it’s alerting on that URL.

Common sense would be to find a more reputable download link.
Click to expand...

There is no problem downloading it from projectpokemon.org, I been downloading pkhex from there for years and no issues. Just that he got a false detection.
 
  • Like
Reactions: Apistogramma and SylverReZ
X

XVicarious

Member
Newcomer
Level 2
Joined
Aug 10, 2014
Messages
11
Trophies
0
XP
131
Country
United States
See here

I tried myself, but I didn't have the patience to make heads or tails of it. A lot of duplicate implementations seem to exist in the source itself. Maybe I'll try again later.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Emulation Homebrew  duckstation for Switch

Can you trade in a banned switch for an unbanned one?

Why is Atmosphere so dominant?

Hacking Misc Tutorial  Eiyuden Chronicle Hundred Heroes save editing

Hacking  Weird findings from that DQ trilogy switch port

Migswitch backups without certificate files

Help a noob with if I need to update CFW to 18.0 or not

Emulation Misc  Is a totk memory editor possible? If so why has no one made one yet?

General chit-chat
Help Users
  • No one is chatting at the moment.
  • Quincy @ Quincy:
    Usually when such a big title leaks the Temp will be the first to report about it (going off of historical reports here, Pokemon SV being the latest one I can recall seeing pop up here)
  • K3Nv2 @ K3Nv2:
    I still like how a freaking mp3 file hacks webos all that security defeated by text yet again
  • BigOnYa @ BigOnYa:
    They have simulators for everything nowdays, cray cray. How about a sim that shows you playing the Switch.
  • K3Nv2 @ K3Nv2:
    That's called yuzu
     +1
  • K3Nv2 @ K3Nv2:
    https://www.verizon.com/home/intern...0a82b82a&vendorid=CJM&PID=552179&AID=11365093 can I cancel and keep the switch lol
     +1
  • BigOnYa @ BigOnYa:
    I want a 120hz 4k tv but crazy how more expensive the 120hz over the 60hz are. Or even more crazy is the price of 8k's.
  • K3Nv2 @ K3Nv2:
    No real point since movies are 30fps
  • BigOnYa @ BigOnYa:
    Not a big movie buff, more of a gamer tbh. And Series X is 120hz 8k ready, but yea only 120hz 4k games out right now, but thinking of in the future.
  • K3Nv2 @ K3Nv2:
    Mostly why you never see TV manufacturers going post 60hz
  • BigOnYa @ BigOnYa:
    I only watch tv when i goto bed, it puts me to sleep, and I have a nas drive filled w my fav shows so i can watch them in order, commercial free. I usually watch Married w Children, or South Park
  • K3Nv2 @ K3Nv2:
    Stremio ruined my need for nas
  • BigOnYa @ BigOnYa:
    I stream from Nas to firestick, one on every tv, and use Kodi. I'm happy w it, plays everything. (I pirate/torrent shows/movies on pc, and put on nas)
  • K3Nv2 @ K3Nv2:
    Kodi repost are still pretty popular
  • BigOnYa @ BigOnYa:
    What the hell is Kodi reposts? what do you mean, or "Wut?" -xdqwerty
  • K3Nv2 @ K3Nv2:
    Google them basically web crawlers to movie sites
  • BigOnYa @ BigOnYa:
    oh you mean the 3rd party apps on Kodi, yea i know what you mean, yea there are still a few cool ones, in fact watched the new planet of the apes movie other night w wifey thru one, was good pic surprisingly, not a cam
  • K3Nv2 @ K3Nv2:
    https://www.aliexpress.us/item/3256...acdffdfd18f8a017742186da306980d9cf365d&gclid= lol ali
     +1
  • BigOnYa @ BigOnYa:
    Damn, only $2.06 and free shipping. Gotta cost more for them to ship than $2.06
     +1
  • BigOnYa @ BigOnYa:
    I got my Dad a firestick for Xmas and showed him those 3rd party sites on Kodi, he loves it, all he watches anymore. He said he has got 3 letters from AT&T already about pirating, but he says f them, let them shut my internet off (He wants out of his AT&T contract anyways)
  • K3Nv2 @ K3Nv2:
    That's where stremio comes to play never got a letter about it
  • BigOnYa @ BigOnYa:
    I just use a VPN, even give him my login and password so can use it also, and he refuses, he's funny.
  • BigOnYa @ BigOnYa:
    I had to find and get him an old style flip phone even without text, cause thats what he wanted. No text, no internet, only phone calls. Old, old school.
  • K3Nv2 @ K3Nv2:
    https://youtu.be/z9E_uv5IT-o?si=0qMdVEnRK8mmclzS
  • K3Nv2 @ K3Nv2:
    @BigOnYa, https://m.youtube.com/watch?v=qRJog...com/&source_ve_path=MjM4NTE&feature=emb_title
     +1
  • Psionic Roshambo @ Psionic Roshambo:
    @BigOnYa, Lol I bought a new USB card reader thing on AliExpress last month for I think like 87 cents. Free shipping from China... It arrived it works and honestly I don't understand how it was so cheap.
     +1
    Psionic Roshambo @ Psionic Roshambo: @BigOnYa, Lol I bought a new USB card reader thing on AliExpress last month for I think like 87... +1