Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

Developing a C# Monogame Game produces a DLL which is marked 93% Anomalous


BlakeNowah
 Share

Recommended Posts

Hi,

 

Well, title pretty much says it all, compiling my game in Visual Studio 2019 produces a library [mygamename].dll that is recognized as below:

Thing is I'm not sure how this log will help, I'm guessing the last part of the log is a sort of hash you are using to uniquely identify a file, whereas I expect that the respective dll that holds the core functionality of the game will change every release increment I do.

Also, to be clear, the code that is in there basically does things like:

- array computations (lots of);

- draws a lot of tiles;

- constantly monitors the keyboard/mouse/controlers for activity;

- reading assets from the game directory;

- looks for read/write in the users/%user%/appdata/local/mygamefolder -> where I keep saves and some config data.

.. don't know what else to describe here, in-memory procedural generations, I have some utils that generate and save some textures to disk.. basically intensive game logic and related stuff.

 

This behavior is recent, yesterday and before that, it worked fine. I have 4 months of developing this with MalwareBytes on and no problems until now.

Oh, actually, the only thing done differently is that I discovered I created a regression bug in the method that's zooming the map from the mouse wheel. I pulled up an archive with the old behavior from when it was working fine, opened up that source in paralel in another instance of VS2019, found my bug, fixed it and when I started compiling the original game, MWBytes popped up.

I think it's because he discovered two dll files with a general same structure, same name but a bit different? And it drew the conclusion that one of them may be hijacked?

 

Workaround for me: added the file to the allowed list, but said to also give you guys a heads-up. Let me know if I can provide further info.

 

Thanks!

 

LOG:

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/11/21
Protection Event Time: 11:50 PM
Log File: 5dbf2ad0-5acc-11ec-ad83-f02f74a0136b.json

-Software Information-
Version: 4.4.10.144
Components Version: 1.0.1499
Update Package Version: 1.0.48468
License: Premium

-System Information-
OS: Windows 10 (Build 19042.1348)
CPU: x64
File System: NTFS
User: System

-Blocked Malware Details-
File: 1
MachineLearning/Anomalous.93%, D:\Projects\[GameName]\_Backups\Prototype\2021.11.30 20.57 - [GameName] - fixed screen ratio\bin\Debug\netcoreapp3.1\[GameName].dll, Quarantined, 0, 392687, 1.0.48468, , shuriken, , 49CFB6668E759856A054D0F9C7049095, FF280411D9D60948FE4FFC9D62A7DF66B64A69C96E98A408936C774BF1BBDDBE


(end)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.