Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Windows Security flags 2.5 release as "Emali" trojan #2356

Closed
ghost opened this issue Aug 31, 2020 · 14 comments
Closed

Windows Security flags 2.5 release as "Emali" trojan #2356

ghost opened this issue Aug 31, 2020 · 14 comments
Labels
Meta Relating to code organisation or to things that aren't code

Comments

@ghost
Copy link

ghost commented Aug 31, 2020

Bizhawk 2.50 virus!

see image
Capture
@YoshiRulz

This comment has been minimized.

Sign in to view
@YoshiRulz YoshiRulz added the Meta Relating to code organisation or to things that aren't code label Aug 31, 2020
@ghost

This comment has been minimized.

Sign in to view
@zeromus

This comment has been minimized.

Sign in to view
@zeromus zeromus closed this as completed Aug 31, 2020
@YoshiRulz YoshiRulz added Question/Support and removed Meta Relating to code organisation or to things that aren't code labels Aug 31, 2020
@YoshiRulz

This comment has been minimized.

Sign in to view
@YoshiRulz YoshiRulz changed the title Bizhawk 2.50 virus! Windows Security flags 2.5 release as "Emali" trojan Aug 31, 2020
@ghost

This comment has been minimized.

Sign in to view
@zeromus
Copy link
Contributor

zeromus commented Aug 31, 2020
edited by YoshiRulz

https://www.virustotal.com/gui/url/377c2f7e5c3d0c08d8306da96145b6b7779b504d5934aa554797e4aca0d3b570/detection

edit: This is URL scanning which VirusTotal treats differently to file scanning. Uploading EmuHawk.exe will show "One engine detected this file" (only Microsoft), as @Bio37 notes in #2356 (comment). --yoshi

@TASEmulators TASEmulators locked and limited conversation to collaborators Aug 31, 2020
@YoshiRulz

This comment has been minimized.

Sign in to view
@RetroEdit
Copy link
Contributor

Discussion continued at #2357 because the discussion here was locked.

@YoshiRulz
Copy link
Member

YoshiRulz commented Aug 31, 2020
edited

My Win10 machine is giving me the same anti-virus warning now (it wasn't when I originally downloaded the file, maybe because I put it on F:\).

The good news is that it's only a false positive (VirusTotal is reliable, they show that only Microsoft's lower-tier AV flagged us). The bad news is that it's annoying for users and makes us look bad.

edit: For the record, OP should never have opened this issue (disregarding their later spam which is obviously unhelpful). Issues regarding security should be privately sent to a developer, preferably adelikat as in our security policy. I'd wager most open-source software devs would prefer an email over a bug report for security issues/disclosures. On GitHub, click "Security" at the top of any page on any repo to see if they've got a security policy.

@YoshiRulz YoshiRulz mentioned this issue Aug 31, 2020
Closed
@YoshiRulz YoshiRulz added Meta Relating to code organisation or to things that aren't code and removed Question/Support labels Aug 31, 2020
@TASEmulators TASEmulators unlocked this conversation Sep 3, 2020
@YoshiRulz YoshiRulz mentioned this issue Sep 3, 2020
Closed
@RetroEdit
Copy link
Contributor

Yep, it got quarantined for me on Windows 8.1 with the same error message.

@zeromus zeromus changed the title Windows Security flags 2.5 release as "Emali" trojan Ineffectually vent your dissatisfaction with Windows Security flagging 2.5 release as "Emali" trojan here Sep 3, 2020
@YoshiRulz YoshiRulz changed the title Ineffectually vent your dissatisfaction with Windows Security flagging 2.5 release as "Emali" trojan here Windows Security flags 2.5 release as "Emali" trojan Sep 4, 2020
@Bio37
Copy link

Bio37 commented Sep 4, 2020

https://www.virustotal.com/gui/url/377c2f7e5c3d0c08d8306da96145b6b7779b504d5934aa554797e4aca0d3b570/detection

https://www.virustotal.com/gui/file/b16aaa38d66cb93a188aa4a1fe6702df9678431c0c5d2ca365989bd021ca5681/detection

@Bio37

This comment has been minimized.

Sign in to view
@Bio37

This comment has been minimized.

Sign in to view
@YoshiRulz
Copy link
Member

I've run 2.5.1 through the same check and it appears unaffected: BizHawk-2.5.1.zip, EmuHawk.exe. This time around, the archive has a false positive from some Chinese AV I've never heard of that doesn't seem to be available (outside China? anymore?).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Meta Relating to code organisation or to things that aren't code
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@zeromus @YoshiRulz @RetroEdit @Bio37