s25client icon indicating copy to clipboard operation
s25client copied to clipboard
verified publisher icon Return-To-The-Roots

Antivirus from Microsoft and Google detect Meterpreter Trojan

Open odbaeu opened this issue 6 months ago • 1 comments

Hello dear Maintainers.

Recently, Microsoft and Google Antivirus seem to detect a threat in the release package: Virus.Win32.Meterpreter

I checked some previous download and they seem to have the same issue. I did a fresh windows x86_64 download and it uploaded it to virustocal.com. Here's the scan result https://www.virustotal.com/gui/file/b5a4b375d38c56b324ff323d7466af09c105760e0fe9a7ae1a6eadbbd7005601

Could you please check? Thank you!

odbaeu avatar Sep 07 '25 12:09 odbaeu

Hi,

thank you for your report.

Basically after looking into the virustotal report, its gladly a false positive.

Its the combination out of the bundled updater (detected as a "dropper") due to flagging the bundled "libvorbis" as "infected".

It looks like the libvorbis version we deploy seems to crash the wmiadap.exe on windows somehow.

We probably need to update the library

Flow86 avatar Sep 07 '25 13:09 Flow86