Windows Defender found a threat: Trojan:Script/Wacatac.B!ml #5916
Unanswered
developer-jun
asked this question in
Help and Questions
Replies: 1 comment
-
See #5915 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I'm not sure if this is just my Windows Defender, and should I just disable my Protection temporarily.
But anyway, I was installing postgres today and was just using the regular install command 'scoop install main/postgresql'
It was able to update the 'main' bucket as well as the 'pscale' bucket with no problem.
The next step was to install postgres dependencies and the first one happens to be 7-Zip.
Powershell logs:
Scoop was updated successfully!
Installing '7zip19.00-helper' (19.00) [64bit] from main bucket
7z1900-x64.msi (1.7 MB) [> ] 2%
The operation has timed out.
URL https://download.sourceforge.net/project/sevenzip/7-Zip/19.00/7z1900-x64.msi is not valid
There must have been a Windows Defender pop up but I did not notice it and just assumed the download was just interrupted, so I tried the install command again.
Powershell:
PS C:\Users\MyPC> scoop install main/postgresql
. : Operation did not complete successfully because the file contains a virus or potentially unwanted software.
At C:\Users\MyPC\scoop\apps\scoop\current\libexec\scoop-install.ps1:26 char:3
WARN Purging previous failed installation of 7zip19.00-helper.
ERROR '7zip19.00-helper' isn't installed correctly.
Removing older version (19.00).
'7zip19.00-helper' was uninstalled.
Installing '7zip19.00-helper' (19.00) [64bit] from 'main' bucket
The operation has timed out
URL https://download.sourceforge.net/project/sevenzip/7-Zip/19.00/7z1900-x64.msi is not valid
I looked into the details of the threat from Windows Defender and got.
Detected: Trojan:Script/Wacatac.B!ml
Date: 4/22/2024 12:41 PM
Details: This program is dangerous and executes commands from an attacker.
Affected items:
file: C:\Users\MyPC\scoop\apps\scoop\current\lib\autoupdate.ps1
Should I ignore the warning and disable Windows Defender?
Beta Was this translation helpful? Give feedback.
All reactions