MgAl2O4 / FFTriadBuddy

FF14 Triple Triad helper
MIT License
129 stars 17 forks source link

AntiVirus threat detected #89

Open tobilen opened 2 months ago

tobilen commented 2 months ago
image

anything to worry about?

MgAl2O4 commented 2 months ago

Not really, sounds like a false alarm from antivirus heuristic detection. If you installed plugin via official Dalamud plugin manager, it's been reviewed and accepted as safe.

See antivirus section of Dalamud FAQ for details: https://goatcorp.github.io/faq/xl_troubleshooting.html#q-how-do-i-whitelist-xivlauncher-and-dalamud-so-my-antivirus-leaves-them-alone

I'm very curios why it was flagged as trojan of all possible threats, it just reads game memory to understand state of TT mini game on screen. Isn't network comms a required component of any malware? Personally, I'd just whitelist entire Dalamud folder, as game injection itself may be seen as suspicious activity, but decision is up to you.

MgAl2O4 commented 2 months ago

https://www.virustotal.com/gui/file/59c170bb05a5bd36b40089a03ecb7284950f35a6c9fc2b952254ac10e3f1a5c8/detection

I thrown plugin's dll file into virus total, version 1.10.0.1, same as on your screenshot. Looks like BitDefender & pretty much everyone else agree that it's safe stuff, but some vendors do think it's a malicious program :D