Using a vs 2022 created a Monogame project it runs fine but when I launch it Vipre reports that it has blocked a Trojan virus. Has anyone encounter this problem or is Vipre giving me a false alarm?
Thank-you Mike
Hey @Michael_Salman,
I haven’t experienced this issue both on my own system as well as projects built using MonoGame and then shared with other people to play on their systems.
I would most likely say this is a false alarm. Does Vipre offer any specifics as to what Trojan it’s reporting as detected?
Thank-you for your reply. This is the trojan reported gen:trojan.heur.pm2. I did contact Vipre their reply was to remove some files or directories from the scan which to me is not a satisfactory answer
Just to give you some peace of mind, I created a brand new MonoGame DesktopGL project, using the following commands
dotnet new sln -n MonoGameTest
dotnet new mgdesktopgl -n MonoGameTest
dotnet sln add ./MonoGameTest
dotnet build
Then i took each of the exe and dlls output in the bin directory from the build and did a scan with Virus Total. Here are the results for each
-
MonoGameTest.exe(actual exe build): VirusTotal -
MonoGameTest.dll(dll created for game build): VirusTotal -
MonoGame.Framework.dll: VirusTotal
These scans also include Vipre as a scan engine, which doesn’t detect anything.
So, I think it’s pretty safe to say that MonoGame itself doesn’t have anything that would flag a trojan. However, I would be concerned that your system flags it as one using Vipre when the Vipre engine on Virus Total does not.
We have the same issue with BitDefender (business). Same detection from the DLL create for the game build.
Just ran into this issue as well. BitDefender detected it. I couldn’t delete the file even if it was through running Powershell as an Administrator.
When I build the code, it gave me an unauthorized access to the .dll file (the one that was infected).
I had to restart and run windows in safe mode to delete the file.
This is the BitDefender notification (my project is called P1):
The file C:\Users\shane\dev\tutorials\monogame\P1\P1\obj\Debug\net6.0\refint\P1.dll is infected with Gen:Trojan.Heur.PM.2 and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.
the only thing i did in my project was create a sprite class with two properties and drew it on
protected override void Draw(GameTime gameTime)
{
GraphicsDevice.Clear(Color.CornflowerBlue);
// TODO: Add your drawing code here
_spriteBatch.Begin();
_spriteBatch.Draw(sprite.Texture, sprite.Vector2, Color.White);
_spriteBatch.End();
base.Draw(gameTime);
}
Before this, i compiled the project when I first created it, and it ran fine.
It was only after adding an image to the project’s Content.mcgb, creating a sprite class and then running it again.
It gave me this error:
Severity Code Description Project File Line Suppression State
> Error UnauthorizedAccessException: Access to the path ‘obj\Debug\net6.0\refint\P1.dll’ is denied.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.File.InternalCopy(String sourceFileName, String destFileName, Boolean overwrite, Boolean checkHost)
at Microsoft.CodeAnalysis.BuildTasks.CopyRefAssembly.Copy()
P1 C:\Program Files\Microsoft Visual Studio\2022\Community\MSBuild\Current\Bin\amd64\Microsoft.Common.CurrentVersion.targets 4753
Then clicking on the error led me to a file called “Microsoft.Common.CurrentVersion.targets”
which pointed to this code snippet:
<!-- Copy the reference assembly build product (.dll or .exe). -->
<CopyRefAssembly
SourcePath="@(IntermediateRefAssembly)"
DestinationPath="$(TargetRefPath)"
Condition="'$(ProduceReferenceAssembly)' == 'true' and '$(CopyBuildOutputToOutputDirectory)' == 'true' and '$(SkipCopyBuildProduct)' != 'true'"
>
<Output TaskParameter="DestinationPath" ItemName="ReferenceAssembly"/>
<Output TaskParameter="DestinationPath" ItemName="FileWrites"/>
</CopyRefAssembly>
I forgot to mention this was for the Desktop OpenGL project.
I recreated in the Desktop DirectX and it’s working fine so far
The “Access to the path” error sounds like BitDefender disabled the file’s ability to be used (quarantined it), and so Visual Studio couldn’t access it. If you go into the settings of BitDefender and add an Exception to your first “P1” folder, it won’t quarantine your files and cause those issues. As well, you should “Unquarantine” that file so that it can be used.
Because yes, it’s a false positive. That specific file “P1.dll” is your own code, and as long as you’re not writing malware, it won’t contain any (with the rare exception that doesn’t matter in this case). You can verify with a website called VirusTotal. This Reddit post has some interesting tips on false positives as well, if you wish to know more.