从下载的release包中发现特洛伊木马 - Githubissues

nilaoda / N_m3u8DL-CLI

[.NET] m3u8 downloader 开源的命令行m3u8/HLS/dash下载器，支持普通AES-128-CBC解密，多线程，自定义请求头等. 支持简体中文,繁体中文和英文. English Supported.

https://nilaoda.github.io/N_m3u8DL-CLI/

MIT License

14.14k stars 2.14k forks source link

从下载的release包中发现特洛伊木马 #206

Closed volnet closed 4 years ago

volnet commented 4 years ago

Windows安全中心给出来的提示：

下载：N_m3u8DL-CLI_v2.6.3_with_ffmpeg_and_SimpleG.zip

已检测到威胁：Trojan:Win32/Occamy.AA 警报级别：严重日期：2020/7/6 13:53 类别：特洛伊木马详细信息：这个程序很危险，而且执行来自攻击者的命令。

zhangyz1997 commented 4 years ago

估计是误报，我已经提交样本了更新：已经解除误报

nilaoda commented 4 years ago

估计是误报，我已经提交样本了更新：已经解除误报

感谢

nilaoda commented 4 years ago

https://www.microsoft.com/en-us/wdsi/submission/8271d6c5-9155-45f1-a1e3-1f1700991319

nilaoda commented 4 years ago

2.7.1: https://www.microsoft.com/en-us/wdsi/submission/e25cea3d-389b-42dc-a032-96bffabd6d43

ccicnce113424 commented 4 years ago

360有类似的误报

nilaoda commented 4 years ago

2.7.2:
https://www.microsoft.com/en-us/wdsi/submission/33c7e73d-9254-4451-8f7b-a60c045eb16b

nilaoda commented 4 years ago

Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
Run "MpCmdRun.exe -SignatureUpdate"

iamv7 commented 3 years ago

2.7.4 having same issue on Windows Defender

iflyun commented 3 years ago

现在会报 Trojan:Win32/CryptInject!ml 木马

nilaoda commented 3 years ago

2.8.5 https://www.microsoft.com/en-us/wdsi/submission/78804b2d-b40a-4294-b367-a17e2de541bb

huluxia commented 3 years ago

确实报毒

nekomiao123 commented 3 years ago

N_m3u8DL-CLI_v2.9.3_with_ffmpeg_and_SimpleG.zip Google浏览器直接报毒不让下载

nilaoda commented 3 years ago

N_m3u8DL-CLI_v2.9.3_with_ffmpeg_and_SimpleG.zip Google浏览器直接报毒不让下载

之后更新个版本应该就没事了

metalbug commented 3 years ago

N_m3u8DL-CLI_v2.9.5.exe 报毒

nilaoda commented 3 years ago

N_m3u8DL-CLI_v2.9.5.exe 报毒

我也没辙了不放心的话只能自己下载源码编译

CocosGames commented 3 years ago

确认是误报. 可能由于其后台下载的功能.