Running Microsoft Windows 10 x64 Version 20H2 Build 19042.572. Using the latest Windows Defender Advanced Threat Protection I can no longer run Mapster32.debug.exe as it is now detected as Randsomware. This just started occurring when I went to test build: 20201107-9275-6256d4bf7
Please see attached screenshot. The file doesn't get deleted the Mapster process just gets stopped.
Page 1 of 1
Windows 10 Defender "Mapster32 Blocked as ransomware"
#1 Posted 17 November 2020 - 02:53 PM
This post has been edited by Paul B: 17 November 2020 - 02:57 PM
#2 Posted 19 November 2020 - 11:05 AM
I could go ahead and create an exception for the folder the mapster.exe file is stored in and push it out through machine group policy. But it begs to differ why would this file be tagged as ransomware in the first place.
#3 Posted 20 November 2020 - 01:11 AM
When you doubt, ask Virustotal.
32bit - https://www.virustot...0252d3df742c00/
(Someone already upload the file 11 days ago)
64bit - https://www.virustot...5a27e2907ca093/
Both 0/71.
Looks like false positives to me, if you have problems and cannot just set white list then go complain to M$, ask they should analysis the file to see if it's true or not.
I guess any software with such "Advanced Threat Protection" always give users some problems if it get too "seriously", some normal behaviors(HTTP requests, file access etc.) also may seems like ransomware or virus.
32bit - https://www.virustot...0252d3df742c00/
(Someone already upload the file 11 days ago)
64bit - https://www.virustot...5a27e2907ca093/
Both 0/71.
Looks like false positives to me, if you have problems and cannot just set white list then go complain to M$, ask they should analysis the file to see if it's true or not.
I guess any software with such "Advanced Threat Protection" always give users some problems if it get too "seriously", some normal behaviors(HTTP requests, file access etc.) also may seems like ransomware or virus.
This post has been edited by Player Lin: 20 November 2020 - 01:12 AM
#5 Posted 20 November 2020 - 08:49 AM
Could it be triggered by having the "check for updates" enabled in eduke32 ? That might be considered snooping?
#6 Posted 20 November 2020 - 03:10 PM
Mark, on 20 November 2020 - 08:49 AM, said:
Could it be triggered by having the "check for updates" enabled in eduke32 ? That might be considered snooping?
Mark that's a great thought, I never actually had a chance to try that though. I was having so many problems with the latest builds that I could of probably filled this forum with annoying bug reports. I know this is not a preferred solution, but due to so many problems and other annoyances with no concrete solutions, I've restored my map blueprints finally by using a known good version of Mapster R4791. At least this way I can still use the program while the dev team has a chance to catch up.
This post has been edited by Paul B: 20 November 2020 - 03:11 PM
Share this topic:
Page 1 of 1