Windows detects bladabindi trojan.

PHARTGAMES / SpaceMonkey

MIT License

45 stars 10 forks source link

Windows detects bladabindi trojan. #27

Open thetruth1984 opened 2 years ago

thetruth1984 commented 2 years ago

False positive?

PHARTGAMES commented 2 years ago

Hey thanks for reporting this, I downloaded the installers again and ran them through windows defender and it thinks they are fine. Did you have to run the installer for it to get detected???

dreycos commented 2 years ago

Mine detected bladabindi trojan as well - my corporate malware system blocked it and detected it right after installation.

dreycos commented 2 years ago

Is it a false positive or did someone put the browser key logging / cache malware within the project?

dreycos commented 2 years ago

You do have to run the installer for it to get detected I believe.

dreycos commented 2 years ago

When launching the spacemonkeyTP.exe it also triggers the Bladabindi trojan detections.

PHARTGAMES commented 2 years ago

I looked closer at this, and Windows Defender thinks that it contains Bladabindi because SharpMonoInjector.dll is in the project, really weird that it didn't detect it when I checked on 23rd may..

I rebuilt the SharpMonoInjector.dll and windows no longer thinks it's bladabindi.. That dll was compiled by me originally... I really hope it's a false positive. I'll take down the current release and do a new one asap.

Thanks all

PHARTGAMES commented 2 years ago

I have updated the installer with a new version that Windows Defender is happy with.

dreycos commented 2 years ago

Thanks - I'll give it another test this evening.

dreycos commented 2 years ago

Is this link on git the proper 'latest' fixed .msi?

Installation The latest installer for SpaceMonkey is here (v1.0.5)

https://github.com/PHARTGAMES/SpaceMonkey/raw/main/GenericTelemetryProvider/Installer/SpaceMonkeyTP-SetupFiles/SpaceMonkeyTP.msi

Install anywhere to your local drive.

PHARTGAMES commented 2 years ago

Is this link on git the proper 'latest' fixed .msi?

Installation The latest installer for SpaceMonkey is here (v1.0.5)

https://github.com/PHARTGAMES/SpaceMonkey/raw/main/GenericTelemetryProvider/Installer/SpaceMonkeyTP-SetupFiles/SpaceMonkeyTP.msi

Install anywhere to your local drive.

Yes that is latest, I didn't update the version number :)

Hopefully soon I'll get back in to SpaceMonkey there's a few new games I want to make providers for but atm i'm stuck rig building.

dreycos commented 2 years ago

Great - thanks for updating the package.