Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

ECWolf SVN Marked as Virus By Windows Defender

Recommended Posts

I just recently got an SVN build of ECWolf (My PC was also updated as well), and... let's just say it's having problems.


Windows Defender marked ECWolf as having some trojan called Trojan:Win32/Azden.A!cl. It's "taking action" right now, and it's not really doing anything. Now, whenever I try to load up ECWolf, I get this error message:


"C:\Users\User\Desktop\Other Games\Wolfenstein 3D (ECWolf)\ecwolf.exe"


"Operation did not complete successfully because the file contains a virus or potentially unwanted software."


Can someone help me out on this?

Share this post

Link to post

I tried the latest dev. build of ECWolf and throw them into VirusTotal and both are fine. Don't know if you're using the latest one or not.


ecwolf-171203-0531 x86:


ecwolf-171203-0531 x64:



You can got the latest SVN/dev. build of ECWolf here.


Share this post

Link to post

The version that I had gotten was from the DRD Team Development page (Dec 03 2017), and the VirusTotal page told me that I need an account in order to download the file.

Share this post

Link to post

Okay, so I found a solution. It's not a very good one, but it'll do.


It turns out that I need to use the build BEFORE the latest (Nov 13 2017), and NOW it works without the warning.

This is a really stupid solution, but it's the only solution I currently have.

Share this post

Link to post

It's already stupid as doomed hell when false alert happens. /facepalm


You don't needed/cannot download the uploaded files in VirusTotal, and that's the same one from DRDTeam dev. build site, so you already have them.

Maybe the next Windows update may fix this silly problem I guess, if you still want to that M$ shit. The other way is just wait the new dev. build come out and see if that shit still complains... :p

Share this post

Link to post

I wonder if the high levels of false positives is to discourage using 3rd party apps in the hopes that they'll use the Microsoft app store (or whatever it's called) instead.

Share this post

Link to post
58 minutes ago, Blastfrog said:

I wonder if the high levels of false positives is to discourage using 3rd party apps in the hopes that they'll use the Microsoft app store (or whatever it's called) instead.



No. Your tinfoil hat is showing.

This would have the opposite effect, being that it would actually be a detriment to them. If Defender purposefully reported false positives, people wouldn't use Defender, seeing as it can be disabled quite easily by the end user. It's to their benefit to actually make it reliable.


"But Edward, why is it then reporting ECWolf as a virus when it's obviously not!?"

Because malware isn't deterministic code, and can only be detected either through commonality of the program or algorithmic determination of the byte code through static analysis and the programs environment. As ECWolf is particularly rare, it can only do the latter, which it has incorrectly determined some kind of malware to exist through comparatively similar analysis.

Alternatively, it could be that some kind of malware is actually already in his computer and is rewriting executables on the fly.


And if you are sure you trust a specific program, you can always add an exclusion.

Edited by Edward850

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now