Rainmeter 4.5.3 has a trojan detected.
Details at https://www.virustotal.com/gui/file/9a512b332a36c486a745e4c7fd25336089d572e08796120bc3fb04ed4da95051
It is currently April 27th, 2024, 4:42 pm
Rainmeter 4.5.3 has a TROJAN detected
-
- Posts: 2
- Joined: October 4th, 2021, 12:22 am
-
- Developer
- Posts: 2686
- Joined: November 24th, 2011, 1:42 am
- Location: Utah
Re: Rainmeter 4.5.3 has a TROJAN detected
This is most certainly a false positive, and has been discussed on a previous version.
https://github.com/rainmeter/rainmeter/issues/272#issuecomment-908090633
-Brian
https://github.com/rainmeter/rainmeter/issues/272#issuecomment-908090633
-Brian
-
- Posts: 2
- Joined: October 4th, 2021, 12:22 am
Re: Rainmeter 4.5.3 has a TROJAN detected
The same TROJAN is in new Rainmeter 4.5.4
https://www.virustotal.com/gui/file/31efb6ba0b89be4d73925fa79747e45d96479408f9808edead3b8b787fe79495
Rainmeter is a great product, thanks a lot to the developer.
It is a shame that people see that Trojan detected in the Rainmeter and just skip using it altogether, hoping to return one day when it is fixed.
No one has time to search forums for the explanation.
I also think that it might be a false positive, but I will wait for the next version to be fixed.
One way to fix it is to contact google owned VirusTotal.com and request an Anti-Virus vendor to update virus definition files for the Rainmeter.
Again, thanks to the developer for the great product with the hope the issue be resolved soon.
https://www.virustotal.com/gui/file/31efb6ba0b89be4d73925fa79747e45d96479408f9808edead3b8b787fe79495
Rainmeter is a great product, thanks a lot to the developer.
It is a shame that people see that Trojan detected in the Rainmeter and just skip using it altogether, hoping to return one day when it is fixed.
No one has time to search forums for the explanation.
I also think that it might be a false positive, but I will wait for the next version to be fixed.
One way to fix it is to contact google owned VirusTotal.com and request an Anti-Virus vendor to update virus definition files for the Rainmeter.
Again, thanks to the developer for the great product with the hope the issue be resolved soon.
-
- Rainmeter Sage
- Posts: 7177
- Joined: February 27th, 2015, 2:38 pm
- Location: Terra Yincognita
Re: Rainmeter 4.5.3 has a TROJAN detected
And no one has time to consider a false positive detected by just one AV, which is not ESET, not Kaspersky, not BitDefender, heck, not even Avast (which also sometimes yields false positives), but ... VBA32. Really?! FYI, this is precisely why VirusTotal and other online scanners use multiple AV engines to scan a file: because only a few AV vendors are top ones, and even then, a file usually contains a virus if most AVs (and especially the top ones) detect it as such.
You'll probably have to wait for much longer, LOL, because I doubt there is something to "fix" here. If anything, that "famous" VBA32 should fix its detection engine, or leave the AV market altogether.
That being said, all the AV vendors lost their credibility the moment they started to flag the PUA / PUP (potentially unwanted application / potentially unwanted program) apps as "infected", regardless of whether they are truly malicious or just used in illegal activities. Currently, no AV vender is a true antivirus maker anymore, since politics, company interests, the tools used in building an app, or simply the "reputation" (read: how well known an app is) of a software or their programmers make the flagging biased and not strictly technical (i.e. based on actual malicious code). The fact that these vendors (or those buying their products) are interested in ... erm, parental controls or other things totally unrelated to virus detection says everything.
In my view, it's a shame when such people consider only the one obsolete AV vendor that incorrectly flagged the product as Trojan instead of ALL THE OTHERS that did not...
-
- Rainmeter Sage
- Posts: 1399
- Joined: April 24th, 2021, 8:13 pm
Re: Rainmeter 4.5.3 has a TROJAN detected
Well, I don't disagree or agree with anyone here, but just saying. And I very much agree that the Trojan detection was false.
Let's say an user uses his skin to read some file from say Documents of an user where he has stored his important relevant information and sends it to himself using webparser. God don't do this please, if anyone is thinking about it after reading it.
Just say he does, then the skin becomes it self a very potent and skilled trojan, which doesn't need soldiers inside. Lmao... This thing had never crossed my mind, up until now
Let's say an user uses his skin to read some file from say Documents of an user where he has stored his important relevant information and sends it to himself using webparser. God don't do this please, if anyone is thinking about it after reading it.
Just say he does, then the skin becomes it self a very potent and skilled trojan, which doesn't need soldiers inside. Lmao... This thing had never crossed my mind, up until now
from the Realm of Death
-
- Rainmeter Sage
- Posts: 7177
- Joined: February 27th, 2015, 2:38 pm
- Location: Terra Yincognita
Re: Rainmeter 4.5.3 has a TROJAN detected
Are you sure webparser can do that? Last time I checked, webparser could only read a webpage, not write anywhere or send something somewhere. To send some data or a file to someone else, another method would have to be used. Just saying...
-
- Rainmeter Sage
- Posts: 1399
- Joined: April 24th, 2021, 8:13 pm
Re: Rainmeter 4.5.3 has a TROJAN detected
In form of queries? But yeah you can't normally do that. You have to setup your own methods to do so... But we have run command and powershell with powerful internet capabilities... And not like there ain't option for custom plugins... So who knows. If someone wants to, he can.Yincognito wrote: ↑October 7th, 2021, 2:25 am Are you sure webparser can do that? Last time I checked, webparser could only read a webpage, not write anywhere or send something somewhere. To send some data or a file to someone else, another method would have to be used. Just saying...
So we better check the skins we run. And avoid closed source unknown plugins as far as possible. Just to be safe.
from the Realm of Death
-
- Rainmeter Sage
- Posts: 7177
- Joined: February 27th, 2015, 2:38 pm
- Location: Terra Yincognita
Re: Rainmeter 4.5.3 has a TROJAN detected
Not sure that will pass solid firewalls with restrictive rules, but yeah, I agree with checking the skins we run or the plugins. I already do that, checking the .rmskin archive or minimizing the amount of plugin dependencies.death.crafter wrote: ↑October 7th, 2021, 3:14 am In form of queries? But yeah you can't normally do that. You have to setup your own methods to do so... But we have run command and powershell with powerful internet capabilities... And not like there ain't option for custom plugins... So who knows. If someone wants to, he can.
So we better check the skins we run. And avoid closed source unknown plugins as far as possible. Just to be safe.
-
- Posts: 246
- Joined: July 8th, 2021, 11:30 pm
- Location: The King's Avenue, Golden Kingdom
Re: Rainmeter 4.5.3 has a TROJAN detected
Dude! Trojan, here?. We love to do our beautiful crafting in peace. I don't trust the AV vendors these days. Not even Avast. I made a script once and avast blocked it and then took over the entire system! So I got rid of it and I have never been better. These things just limit your functionality. I craft my own defences.mcsteve wrote: ↑October 4th, 2021, 4:49 pm The same TROJAN is in new Rainmeter 4.5.4
https://www.virustotal.com/gui/file/31efb6ba0b89be4d73925fa79747e45d96479408f9808edead3b8b787fe79495
Rainmeter is a great product, thanks a lot to the developer.
It is a shame that people see that Trojan detected in the Rainmeter and just skip using it altogether, hoping to return one day when it is fixed.
No one has time to search forums for the explanation.
I also think that it might be a false positive, but I will wait for the next version to be fixed.
One way to fix it is to contact google owned VirusTotal.com and request an Anti-Virus vendor to update virus definition files for the Rainmeter.
Again, thanks to the developer for the great product with the hope the issue be resolved soon.
the DA GALLERY For some Reason, the square root of X2 does not involve X
-
- Developer
- Posts: 22631
- Joined: April 19th, 2009, 11:02 pm
- Location: Fort Hunt, Virginia, USA
Re: Rainmeter 4.5.3 has a TROJAN detected
This is a false positive with just one out of the dozens of antivirus vendors that VirusTotal tests against. This happens from time to time, and it's safe and best to just ignore it and "allow" the executable in the software. Trust me, there is no malware in the Rainmeter setup executable.
The whole antivirus deal is a matter of personal preference, but I resist any calls that you shouldn't necessarily use one. In my view, the Windows Defender stuff that is included with Windows works about as well as anything, but I for one would not recommend just going without entirely.
Protecting your computer is a holistic approach that in my view involves being smart about where you go and what you do on the internet, a really good regular backup, a decent antivirus application, and running something like MalwareBytes from time to time.
The whole antivirus deal is a matter of personal preference, but I resist any calls that you shouldn't necessarily use one. In my view, the Windows Defender stuff that is included with Windows works about as well as anything, but I for one would not recommend just going without entirely.
Protecting your computer is a holistic approach that in my view involves being smart about where you go and what you do on the internet, a really good regular backup, a decent antivirus application, and running something like MalwareBytes from time to time.