Bob Dule's Pre Patched Version, Win32/Contebrew.A!ml Trojan?

Discussion in 'Kontakt' started by SYRE123, May 12, 2022.

  1. SYRE123

    SYRE123 Newbie

    Joined:
    Aug 24, 2020
    Messages:
    3
    Likes Received:
    0
    I just downloaded Bob Dule's Pre Patched Version from his site and when scanning the folder with Windows Defender it tells me it contains a virus called Win32/Contebrew.A!ml. When scanning the folder with Malware Bytes it doesn't detect anything.

    But I'm still a bit worried. I've tried googling and I've found some result about a false positive, but some saying the opposite. Does anyone here know if it's safe? I know Bob writes here, so hopefully he will see this.

    Thanks

     
  2.  
  3. Quantised Noise

    Quantised Noise Producer

    Joined:
    Mar 12, 2018
    Messages:
    186
    Likes Received:
    82
    '!ml' means machine learning, which means it's an AI 'guess' at it being a trojan, so as is usual - it's a false positive.
     
    • Agree Agree x 4
    • Like Like x 1
    • Useful Useful x 1
    • List
  4. DoubleTake

    DoubleTake Audiosexual

    Joined:
    Jul 16, 2017
    Messages:
    2,277
    Likes Received:
    1,226
    Pre-patched version of WHAT?
    :bow:

    Yes, it is a false positive.
    By the very NATURE of 'unofficial' software, it will trigger many AV programs.
    That is why it is great to have such trusted sources. :wink:
    If not for trusted sources, I would have very little unofficial software on my computer, because I would have to research so much and it would not be so readily available and easy to use to begin with. :(
    And forget trying to actually determine if a positive might be false or true. I have no way to do that and probably don't have the intelligence / diligence to learn and manage it. :rofl:
     
    • Like Like x 2
    • Agree Agree x 1
    • List
  5. SYRE123

    SYRE123 Newbie

    Joined:
    Aug 24, 2020
    Messages:
    3
    Likes Received:
    0
    Since this is the Kontakt forum I figured it would be obvious. But I should have been more clear in my original post, my bad!

    I actually thought there would be more trusted sources in this/other forums about this, that's why I'm asking :) But it seems like it really is a false positive then, that's great! :)
     
  6. Olymoon

    Olymoon Moderator

    Joined:
    Jan 31, 2012
    Messages:
    5,777
    Likes Received:
    4,445
    Best Answer
    This is a false positive due to heuristic detection.
    Learn more about heuristic detection:
    https://www.forcepoint.com/cyber-edu/heuristic-analysis

    With most antivirus, you can and should disable heuristic detection if you are using cracked software.
     
    Last edited: May 12, 2022
    • Agree Agree x 4
    • Winner Winner x 2
    • Like Like x 1
    • List
  7. SYRE123

    SYRE123 Newbie

    Joined:
    Aug 24, 2020
    Messages:
    3
    Likes Received:
    0
  8. DoubleTake

    DoubleTake Audiosexual

    Joined:
    Jul 16, 2017
    Messages:
    2,277
    Likes Received:
    1,226
    Ah! It was my oversight to not notice which forum this is in.
    I kind of assumed it was Kontakt, as bobdule is heavy into that and his website is based on it...
    But bobdule is also into many other things, so I wondered. :yes:

    And yes, you can surely trust the moderators and veterans of these forums.
    It's a great source of information about all things DAW, and a good source of opinions in general!
     
    • Like Like x 1
    • Love it! Love it! x 1
    • List
  9. Xupito

    Xupito Audiosexual

    Joined:
    Jan 21, 2012
    Messages:
    7,226
    Likes Received:
    3,995
    Location:
    Europe
    Just to complement a bit what's already well said by others. Most antivirus when in doubt using those algorithm-driven "guesses" choose to be on the safe side.
    So they give false positives to anything that could be dangerous, unless is certified by MSoft or similar.
     
    Last edited: May 12, 2022
  10. Barncore

    Barncore Platinum Record

    Joined:
    May 25, 2022
    Messages:
    375
    Likes Received:
    265
    Sorry to bump an old thread...

    I just installed bobdule's version of kontakt 7.9.0, and i got a Windows Defender reading that i've never seen before: "severe"

    [​IMG]

    I've never seen a "severe" rating before. It's usually "high" at the most.

    Maybe it's because i updated Win11 earlier today, and maybe they changed something. I've used bobdule stuff before in the past and never had a problem, but for peace of mind i thought i'd just double check here that everything is okay?
     
  11. 108hz

    108hz Member

    Joined:
    Dec 27, 2022
    Messages:
    16
    Likes Received:
    7
    I love bobdule, they give us Max, they saved our lives. no malware ever from their side. Windows 11 security is becoming more and more unhinged. pulling stuff out of its quarantine occasionally, well, that is life with Windows today. it is annoying for sure, but we got used to it
     
  12. Demloc

    Demloc Platinum Record

    Joined:
    Mar 10, 2020
    Messages:
    282
    Likes Received:
    243
    Even if the change their threat assesment rating to "UBER DANEGEROUS RADIOACTIVE" it still will be a false positive. Don't let Microsoft annoy you. :wink:
     
  13. Lois Lane

    Lois Lane Audiosexual

    Joined:
    Jan 16, 2019
    Messages:
    4,767
    Likes Received:
    4,690
    Location:
    Somewhere Over The Rainbow
    Don't sweat it, listen to Oly, he's still watching over this thread!

    [​IMG]
     
    • Love it! Love it! x 3
    • Like Like x 2
    • List
  14. Xupito

    Xupito Audiosexual

    Joined:
    Jan 21, 2012
    Messages:
    7,226
    Likes Received:
    3,995
    Location:
    Europe
    You do well in asking. But as said by others it's a false positive.

    I use almost every bobdule release. The kontak button contains several tools that touches important files/registry entries of Windows. That makes AVs automatically say that they may be viruses. False positive.
     
    • Agree Agree x 3
    • Like Like x 1
    • List
Loading...
Loading...