BiglyBT
vuzexcode_2.3.jar identified as Oneeva.A! Trojan by Microsoft Defender
- OS and version: Windows 11 22000.613
- BiglyBT Version Number: 3.0.0.0
- Help -> About: Java 1.8.0_202 (64 bit) Oracle Corporation c:\program files\biglybt\jre SWT v4942r22, win32, zoom=100, dpi=96 Windows 10 v10.0, amd64 (64 bit) B3.0.0.0/4 az3
Hi Team,
I only discovered BiglyBT in the past couple of weeks and am loving it. Wonderful work!
Today I ran into the following threat warning from Microsoft Defender. Any chance to have a look and see what might have caused the issue?
Cheers
Meh, false positive I would imagine. e.g.
https://www.reddit.com/r/uBlockOrigin/comments/kmxfel/trojan_found_by_windows_defender/
Now I have
Again, false positive.
I've submitted it to MS as a false positive
https://www.microsoft.com/en-us/wdsi/submission/15ef9b7c-6cf8-4833-bb50-5a0913f27f36
Their online analysis reports that "Trojan:Script/Oneeva.A!ml" is in "transcoderplugin$analysiscontext$1.class" which is (and has been for ages) compiled from
https://github.com/BiglySoftware/BiglyBT-plugin-vuzexcode/blob/master/com/vuze/plugins/transcoder/TranscoderPlugin.java
Not sure what their AV is smoking.
Update from false-positive submission:
Analyst comments:
At this time, the submitted files do not meet our criteria for malware or potentially unwanted applications. The detection has been removed. Please follow the steps below to clear cached detections and obtain the latest malware definitions.
- Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
- Run "MpCmdRun.exe -removedefinitions -dynamicsignatures"
- Run "MpCmdRun.exe -SignatureUpdate"
Alternatively, the latest definition is available for download here: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus