Closed buhralex closed 5 months ago
lol definitely not malicious code.
Of course Microsoft is going to flag it as "Suspicious Behavior"
No one is forcing you to use this application. I'll upload the source code shortly for any doubters.
lol definitely not malicious code.
- The application starts other programs on your computer (PalServer.exe, SteamCMD, ARRCON.exe)
- It also has the feature to backup your save files which means it has to access these files
- Sends web requests and emails on your behalf. (Discord Webhooks and Emails)
Of course Microsoft is going to flag it as "Suspicious Behavior"
Version 1.1.0 was not flagged so something must’ve changed. One cannot be cautious enough these days.
I also submitted a false positive report to Microsoft to hopefully resolve this for users going forward: https://www.microsoft.com/en-us/wdsi/submission/5901d97b-074d-4812-b9da-c045ef1220b6
Just downloaded the latest pre-release. Windows Defender is blocking the application.
Behavior:Win32/DefenseEvasion.A!ml Warning level: Severe Status: Active Date: 08.02.2024 16:54 Category: Suspicious behavior Details: This program is dangerous. It executes commands from an attacker.
As the sourcecode is not open and I'm unable to analyse why Windows would flag your program, I will stop using it and would recomment that to anybody else using this application.