People keep saying false positive, but I've never had a false positive before and I got the same thing. Trojan identified as sonbokli
I ran the .jar file through VirusTotal and got 0 hits. The .exe on the other hand got 4. Just to be safe on my end, I only ran the .jar and deleted the .exe. People keep saying false positive, but I've never had a false positive before and I got the same thing.
This antivirus (AV) discussion seems to be similar to when BannedHeresy™ uploaded newlife version 8.3. See posts #4,362 and #4,363. I would advise caution on this one.
Went down a bit of a rabbit hole on this one. The exe file does show up as suspicious/malicious depending on the site. As Badlulu pointed out, VT says 4 hits and Hybrid Analysis rated it malicious with a threat of 51/100. Sadly my malware analysis is rusty and I am not entirely sure what it's doing, but it's said to be Trojan.Worgtop, which is a credential stealer.
Results: [link], [link]
I use Microsoft Defender and got this flagged as sonbokli trojan and immediately deleted. I know people diss on Defender but I've never had issues with it before. (I have been using this site more than 2 years I think) This antivirus (AV) discussion seems to be similar to when BannedHeresy™ uploaded newlife version 8.3. See posts #4,362 and #4,363.
Looking at the VirusTotal link in your post, the only two security vendors (out of 34 total security vendors listed) that flagged the file as having a trojan are [link] and [link]. For the Hybrid Analysis link, the only vendor that detected something was [link] which BannedHeresy™ explained in #4,363 that " [ sets-process-name | detect-debug-environment | long-sleeps | checks-user-input | contains-pe ] flags" might've set off the AV programs. I don't know what that means exactly, but it seems relevant to a possible false detection by AV programs.
All other vendors like MalwareBytes and Google in the VirusTotal link didn't detect anything, and I am hoping that they're more thorough/reliable than Bkav Pro, Skyhigh, and Zillya! because they're bigger names.
There is some other stuff for the Hybrid Analysis link's "Falcon Sandbox Reports." There, the malicious indicator is related to "writes data to a remote process" with the details being: "newlife.exe" wrote 00000004 bytes to a remote process "%PROGRAMFILES%\(x86)\Java\jre1.8.0_161\bin\javaw.exe" (Handle: 552)." HybridAnalysis also says in a blue banner that "Not all malicious and suspicious indicators are displayed. Get your own [link] or the [link] to view all details." No commentary on this from me here; just pointing it out in case anyone who knows better can explain.
I'm not too worried about the alarm bells set off in the VirusTotal and HybridAnalysis links. I'm still a bit concerned about the two people who wrote that Microsoft Defender Antivirus detected a virus, but it could be for the same reasons that triggered the other security vendors in VirusTotal too.
I also ran a MalwareBytes rootkit scan on my computer after reading your post and nothing turned up. Not to say everything is fine, but it seems unlikely.
Agreed. Just wait for another poster to upload a non-sus file. Long story short, shit's sus, don't touch.
A rootkit scanner is what you're probably looking for. What's the computer equivalent of taking a scalding shower and getting tested?
If it is, what's the computer equivalent of taking a scalding shower and getting tested?
And the user BoosterBoards on this same page already used MalwareBytes' Rootkit scanner on the game and it found nothing. And honestly, after years of using different AV programs big and small, MalwareBytes is the only AV program I trust. A rootkit scanner is what you're probably looking for. [link] has one.
If you trust a random person on a porn forum is telling the truth. Better to verify yourself. And the user BoosterBoards on this same page already used MalwareBytes' Rootkit scanner on the game and it found nothing.
"This guy said there's a virus. I'm going to go by this complete stranger's word even though he only has verifiably bad AV programs to back it up. And then criticize someone else when they go by the word of someone who had good AV programs back up their claim that there is no virus, with links to his sources and everything." If you trust a random person on a porn forum is telling the truth. Better to verify yourself.