marcopixel / monstercat-visualizer

A real time audio visualizer for Rainmeter similar to the ones used in the Monstercat videos.
MIT License
919 stars 103 forks

Identified as Trojan! #370

Closed Zopenzop closed 3 years ago

Zopenzop commented 3 years ago

I downloaded the latest release of this visualizer from the GitHub page, and my antivirus flagged it as trojan!! I read an older issue where it has been told that it's not a virus, should I really believe it? It flagged the rmskin file and a Mouse.dll as well

marcopixel commented 3 years ago

It is a false flag from your antivirus software, there have been no changes to the skin file and I have retested the latest version (2.1.0) with Virustotal and it came back clean.

Please verify that you downloaded the skin only from this Github Repo, as I have got some reports that a few sites have been rehosting my skins without my permission and I can't guarantee if they haven’t been tampered or not.

I've added the MD5 hash to the release so you can verify your .rmskin file is the exact same as the one offered for download.


URL: https://github.com/marcopixel/monstercat-visualizer/releases/download/2.1.0/Monstercat.Visualizer.for.Rainmeter_2.1.0.rmskin

Virustotal: https://www.virustotal.com/gui/url/2a6b8d6db3ce24001eae02d2c4ebc77f423832385926043561d964a533b336a8

MD5 Hash: 6d131961dbc019f43514a7bd98459ce9

Zopenzop commented 3 years ago

Ah alright, thanks for clarifying.

DarshGupta16 commented 2 years ago

> It is a false flag from your antivirus software, there have been no changes to the skin file and i have retested the latest version (2.1.0) with Virustotal and it came back clean.
>
> Please verify that you downloaded the skin only from this Github Repo, as I have got some reports that a few sites have been rehosting my skins without my permission and I can't guarantee if they haven’t been tampered or not.
>
> I've added the MD5 hash to the release so you can verify your .rmskin file is the exact same as the one offered for download.
>
> URL: https://github.com/marcopixel/monstercat-visualizer/releases/download/2.1.0/Monstercat.Visualizer.for.Rainmeter_2.1.0.rmskin
>
> Virustotal: https://www.virustotal.com/gui/url/2a6b8d6db3ce24001eae02d2c4ebc77f423832385926043561d964a533b336a8
>
> MD5 Hash: 6d131961dbc019f43514a7bd98459ce9

@marcopixel That is the URL for the rmskin which is of course safe. When I am uploading the rmskin file itself, a Virustotal security vendor (DrWeb) is flagging it as Trojan.BPlug.3951

Link - https://www.virustotal.com/gui/file/5d620abe7589f5cfaa2337fba903da3724ff2af14fc6abcf42c42728828b767b/detection

marcopixel commented 2 years ago

@Zopenzop @DarshGupta16

That was my mistake, I didn't know Virustotal doesn't download the file from the URL anymore - it did it quite a while ago and it seems they've stopped it.

Still, this doesn't change the fact that this is a false positive as it's again reporting RainRGB.exe & SysColor.dll as a virus which are known tools/plugins created by both Rainmeter developers (brian, jsmorley).

You can read more about this here:
https://github.com/marcopixel/monstercat-visualizer/issues/104
https://forums.malwarebytes.com/topic/114805-path2lniexe-rainrgbexe-flagged-as-trojandropperai/
https://forum.rainmeter.net/viewtopic.php?t=6215

Zopenzop commented 2 years ago

@marcopixel Indeed, I did research about this, asked a few more Rainmeter skin developers, tried the visualizer myself, and also got fake positive reports for a few other completely safe skins. Understandable, antiviruses aren't very bright anyways. Thanks for clarifying.
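Added example, not part of the thread or the project's code: one way to run the check the maintainer describes, comparing a downloaded .rmskin against the published MD5 and building the hash-keyed VirusTotal file report link (the `/gui/file/` form DarshGupta16 posted, as opposed to the `/gui/url/` scan). MD5 catches a corrupted or crudely swapped download but is not collision resistant, so the SHA-256 of the package and of each bundled .exe/.dll is reported too. It assumes a .rmskin opens as a ZIP archive; the function names and the sample package are constructed for illustration.

```python
import hashlib
import hmac
import io
import sys
import zipfile

# MD5 the maintainer published in this thread for the 2.1.0 release.
PUBLISHED_MD5 = "6d131961dbc019f43514a7bd98459ce9"


def digests(data: bytes) -> dict:
    """MD5 to compare with the release note, SHA-256 for the VirusTotal file report."""
    return {"md5": hashlib.md5(data).hexdigest(),
            "sha256": hashlib.sha256(data).hexdigest()}


def check_package(data: bytes, published_md5: str = PUBLISHED_MD5) -> dict:
    d = digests(data)
    report = {
        "md5_matches": hmac.compare_digest(d["md5"], published_md5.strip().lower()),
        # File reports are keyed by the file's hash, unlike the /gui/url/ scan.
        "file_report": f"https://www.virustotal.com/gui/file/{d['sha256']}/detection",
        "binaries": None,  # stays None if the container cannot be read
    }
    try:
        # Assumption: a .rmskin opens as a ZIP archive.
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            report["binaries"] = [
                (i.filename, hashlib.sha256(archive.read(i)).hexdigest())
                for i in archive.infolist()
                if i.filename.lower().endswith((".exe", ".dll"))]
    except zipfile.BadZipFile:
        pass
    return report


def constructed_sample() -> bytes:
    """Constructed stand-in package; file names and contents are made up."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("Skins/Demo/Demo.ini", "[Rainmeter]\nUpdate=1000\n")
        archive.writestr("Plugins/64bit/Example.dll", b"MZ constructed bytes")
    return buf.getvalue()


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else constructed_sample()
    for key, value in check_package(blob).items():
        print(key, "=", value)
```

Run it with the path of the downloaded .rmskin as the only argument; without an argument it checks the constructed sample, which is expected to report `md5_matches = False` against the published hash.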