nilaoda/N_m3u8DL-CLI

从下载的release包中发现特洛伊木马

volnet opened this issue 4 years ago · 16 comments

volnet commented 4 years ago

Windows安全中心给出来的提示：

下载：N_m3u8DL-CLI_v2.6.3_with_ffmpeg_and_SimpleG.zip

已检测到威胁：Trojan:Win32/Occamy.AA
警报级别：严重
日期：2020/7/6 13:53
类别：特洛伊木马
详细信息：这个程序很危险，而且执行来自攻击者的命令。

zhangyz1997 commented 4 years ago

估计是误报，我已经提交样本了
更新：已经解除误报

👍3

nilaoda commented 4 years ago

估计是误报，我已经提交样本了
更新：已经解除误报

感谢

nilaoda commented 4 years ago

https://www.microsoft.com/en-us/wdsi/submission/8271d6c5-9155-45f1-a1e3-1f1700991319

nilaoda commented 4 years ago

2.7.1:
https://www.microsoft.com/en-us/wdsi/submission/e25cea3d-389b-42dc-a032-96bffabd6d43

ccicnce113424 commented 4 years ago

360有类似的误报

nilaoda commented 4 years ago

2.7.2:
https://www.microsoft.com/en-us/wdsi/submission/33c7e73d-9254-4451-8f7b-a60c045eb16b

👍1

nilaoda commented 4 years ago

Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
Run "MpCmdRun.exe -SignatureUpdate"

iamv7 commented 4 years ago

2.7.4 having same issue on Windows Defender

iflyun commented 4 years ago

现在会报 Trojan:Win32/CryptInject!ml 木马

nilaoda commented 4 years ago

2.8.5
https://www.microsoft.com/en-us/wdsi/submission/78804b2d-b40a-4294-b367-a17e2de541bb

huluxia commented 4 years ago

确实报毒

nekomiao123 commented 3 years ago

N_m3u8DL-CLI_v2.9.3_with_ffmpeg_and_SimpleG.zip Google浏览器直接报毒不让下载

nilaoda commented 3 years ago

N_m3u8DL-CLI_v2.9.3_with_ffmpeg_and_SimpleG.zip Google浏览器直接报毒不让下载

之后更新个版本应该就没事了

metalbug commented 3 years ago

N_m3u8DL-CLI_v2.9.5.exe
报毒

nilaoda commented 3 years ago

N_m3u8DL-CLI_v2.9.5.exe
报毒

我也没辙了不放心的话只能自己下载源码编译

CocosGames commented 3 years ago

确认是误报. 可能由于其后台下载的功能.