search

RXJpaw / Valorant-Companion

See others ranks, parties, loadouts, and competitive histories to dodge bad lobbies. Built-in loadout-manager, settings-manager and account switcher with visible store offers, night.market and account-export-feature!
Apache License 2.0
16 stars 0 forks source link

Possible Trojan? #4

Closed ConnorDoesDev closed 1 year ago

ConnorDoesDev commented 1 year ago

VirusTotal detects a Trojan.Heur!.02046823

RXJpaw commented 1 year ago

When submitting VirusTotal results please also include the link and information about what exactly you scanned so I can give you a better description of what happened.

If you scanned the installer it's probably a false-positive caused by the nature of Windows.Squirrel. It's a wizard-less installer, meaning it needs no further user interaction than clicking the installer to run the installation process.

If you scanned the bundle it's not exactly a false-positive. When using the Account Switcher I use windows command lines to kill processes and start new ones. That could be detected as remote execution.

Please feel free to look through my code/dependencies and build the project yourself to make sure you're not installing a virus. Also still send me the VirusTotal link and tell me what you scanned so I can get a better look at the situation.

RXJpaw commented 1 year ago

I have done some tests with the latest release myself. Only 1 of 89 vendors classify my latest release as "Malware".

VirusTotal results: Master, Bundle, Installer

As long as BitDefender or other well known anti-virus vendors don't think my releases are malicious, there is no need to panic. If you have further questions please re-open this issue with your VirusTotal results and state your concern in more detail.

Above information is incorrect due to me only scanning urls, not files. Correction:

The installation file was flagged for Trojan.Generic@AI.88: Valorant Companion Installer.exe This is a detection made by artificial intelligence algorithms and must be a false-positive. Unluckily I have no better explanation at the time.

The bundle was flagged for the usage of 7zip and for creating executables: Valorant Companion.zip I personally don't remember implementing any features that would create executables, but maybe it's caused by compression libraries I use for the Account Sharing- and Backup-feature.

RXJpaw commented 1 year ago

By pure chance I have found your test results on VirusTotal: Valorant Companion.exe

I suspect this is caused by the very nature of electron. But don't take my word for it. It could also be caused by my auto-updating implementation or using windows command lines.

ConnorDoesDev commented 1 year ago

Makes sense. Thanks for your throughout explanation! Sorry for the assumption, lol I'm very precautios when installing things from Github