PKHeX Wacatac.H!ml virus

badblood08

badblood08

Active Member
OP
Newcomer
Level 2
Joined
Feb 5, 2022
Messages
37
Trophies
0
XP
178
Country
United States
I tried downloading the latest PKHeX from here: https://projectpokemon.org/home/files/file/1-pkhex/

Windows Security got this virus:
1670004007188.png

1670003920198.png


Is this a false positive virus? Should I disregard this. Please advise.

Thanks!
 
SylverReZ

SylverReZ

The planet is fine. The people are crazy.
Member
Level 29
Joined
Sep 13, 2022
Messages
7,310
Trophies
3
Location
The Wired
Website
m4x1mumrez87.neocities.org
XP
22,559
Country
United Kingdom
  • Like
Reactions: scionae, E1ite007, badblood08 and 2 others
binkinator

binkinator

Garfield’s Fitness Coach
Member
GBAtemp Patron
Level 16
Joined
Mar 29, 2021
Messages
6,511
Trophies
2
XP
6,156
Country
United States
  • Like
Reactions: badblood08 and SylverReZ
badblood08

badblood08

Active Member
OP
Newcomer
Level 2
Joined
Feb 5, 2022
Messages
37
Trophies
0
XP
178
Country
United States
M4x1mumReZ said:
Pop the file into VirusTotal or Hybrid-Analysis and it'll tell you whether if this is the case or not. Microsoft Defender generates tons of false positives, so you shouldn't worry about anything.
Click to expand...
Only 1 vendor found it as a virus
1670004273980.png

I'm not sure if this is an isolated case that can be disregarded
 
binkinator

binkinator

Garfield’s Fitness Coach
Member
GBAtemp Patron
Level 16
Joined
Mar 29, 2021
Messages
6,511
Trophies
2
XP
6,156
Country
United States
  • Like
Reactions: badblood08 and SylverReZ
halfashark

halfashark

Well-Known Member
Newcomer
Level 3
Joined
Nov 10, 2022
Messages
88
Trophies
0
XP
287
Country
Canada
no matter what i scan virustotal always has at least 1-2 vendors mark it as a false positive. i've uploaded empty archives, blank raw text documents and random images and photos and there's always at least one.

i would be more concerned if several caught it. additionally if you google the name of said malware you'll see that every single post and thread mentions it being an extremely common false positive. windows defender seems to mark benign python and c++ scripts as being infected with this quite frequently.

you're probably fine but if you're ever super paranoid maybe consider putting a linux distro on a flash drive and performing your mods on that. it wouldn't 100% protect you unless you also physically disconnected any other mountable media but it would certainly add a layer of protection and teach you some new skills.
 
linuxares

linuxares

The inadequate, autocratic beast!
Global Moderator
Level 26
Joined
Aug 5, 2007
Messages
13,379
Trophies
2
XP
18,295
Country
Sweden
halfashark said:
no matter what i scan virustotal always has at least 1-2 vendors mark it as a false positive. i've uploaded empty archives, blank raw text documents and random images and photos and there's always at least one.

i would be more concerned if several caught it. additionally if you google the name of said malware you'll see that every single post and thread mentions it being an extremely common false positive. windows defender seems to mark benign python and c++ scripts as being infected with this quite frequently.

you're probably fine but if you're ever super paranoid maybe consider putting a linux distro on a flash drive and performing your mods on that. it wouldn't 100% protect you unless you also physically disconnected any other mountable media but it would certainly add a layer of protection and teach you some new skills.
Click to expand...
PKhex doesn't work really well with Mono according to PKhex themselves.
 
halfashark

halfashark

Well-Known Member
Newcomer
Level 3
Joined
Nov 10, 2022
Messages
88
Trophies
0
XP
287
Country
Canada
linuxares said:
PKhex doesn't work really well with Mono according to PKhex themselves.
Click to expand...
Oh, wild. Windows only. How bizzare... guess it's due to their choice of language. (C#).

That's... actually really lame. Guess the 2nd best would just be a windows virtual machine with stuff like PAE/NX and shared clipboards/drag and drops disabled. That said it's most definitely a false positive but for those who are worried it's at least a way to accommodate for their concerns.

Still. Dang.
 
The Real Jdbye

The Real Jdbye

*is birb*
Member
Level 23
Joined
Mar 17, 2010
Messages
23,375
Trophies
4
Location
Space
XP
13,989
Country
Norway
badblood08 said:
Only 1 vendor found it as a virus
View attachment 341145
I'm not sure if this is an isolated case that can be disregarded
Click to expand...
Probably. Even the 1 detection is vague/heuristics and not a real detection.
It appears it's scanning the URL as a website though, rather than scanning the file. You'd get better results if you downloaded the file and manually uploaded it.
 
  • Like
Reactions: SylverReZ
Hayato213

Hayato213

Newcomer
Member
Level 28
Joined
Dec 26, 2015
Messages
20,058
Trophies
1
XP
21,220
Country
United States
W0rmy said:
No you don’t. You need common sense. Defender has been fine for ages and alerting him fine. As someone has said it’s alerting on that URL.

Common sense would be to find a more reputable download link.
Click to expand...

There is no problem downloading it from projectpokemon.org, I been downloading pkhex from there for years and no issues. Just that he got a false detection.
 
  • Like
Reactions: Apistogramma and SylverReZ
X

XVicarious

Member
Newcomer
Level 2
Joined
Aug 10, 2014
Messages
11
Trophies
0
XP
131
Country
United States
See here

I tried myself, but I didn't have the patience to make heads or tails of it. A lot of duplicate implementations seem to exist in the source itself. Maybe I'll try again later.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Emulation Homebrew  duckstation for Switch

Can you trade in a banned switch for an unbanned one?

Why is Atmosphere so dominant?

Hacking Misc Tutorial  Eiyuden Chronicle Hundred Heroes save editing

Hacking  Weird findings from that DQ trilogy switch port

Migswitch backups without certificate files

Help a noob with if I need to update CFW to 18.0 or not

Emulation Misc  Is a totk memory editor possible? If so why has no one made one yet?

General chit-chat
Help Users
  • K3Nv2 @ K3Nv2:
    I fixed a 2010 netbook for someone and they were happy
  • ZeroT21 @ ZeroT21:
    i did something similar to for a friend, was a old acer netbook, he was over the moon, guess guys are just that simple
  • K3Nv2 @ K3Nv2:
    Still had xp all the works at least got 7 on it
  • ZeroT21 @ ZeroT21:
    even if MS says newer windows works fine on 1 Gb of ram, I'd still go for the default or similar OS
  • K3Nv2 @ K3Nv2:
    It loaded youtube with like a 5 minute lag lol
  • ZeroT21 @ ZeroT21:
    it's a old potato, can't expect much
  • K3Nv2 @ K3Nv2:
    I told her it's not a good porn book
  • ZeroT21 @ ZeroT21:
    it's fine if it work and can watch their fav porn
  • K3Nv2 @ K3Nv2:
    For images maybe
  • ZeroT21 @ ZeroT21:
    it's not a vibrator la, ...that lags
  • K3Nv2 @ K3Nv2:
    No haptic feedback in laptops
  • ZeroT21 @ ZeroT21:
    you ain't paying for that kinda realism with this hardware
  • K3Nv2 @ K3Nv2:
    Need to give apple $600
  • ZeroT21 @ ZeroT21:
    the more you give apple the more features they will take away
  • K3Nv2 @ K3Nv2:
    Apple finally invented folders
  • ZeroT21 @ ZeroT21:
    i still want headphone jacks for my shit
  • ZeroT21 @ ZeroT21:
    i dont want do deal with low on battery earbuds and shit
  • K3Nv2 @ K3Nv2:
    I hate cords but my life is a cord will probably make a noose from cords
  • ZeroT21 @ ZeroT21:
    we'll all croak one day, no need to fuss so much
  • Psionic Roshambo @ Psionic Roshambo:
    @K3Nv2, Use a Pi it can hack PS4 now too lol
  • K3Nv2 @ K3Nv2:
    Until that day there is a need
     +1
  • Xdqwerty @ Xdqwerty:
    gonna do my homework in half an hour
  • K3Nv2 @ K3Nv2:
    Stop using chatgpt
  • Sonic Angel Knight @ Sonic Angel Knight:
    Chatgpt will turn your words into ai robot that will take over the world later. :ninja:
  • Xdqwerty @ Xdqwerty:
    @K3Nv2, i dont use it
    Xdqwerty @ Xdqwerty: @K3Nv2, i dont use it