Project Perfect Mod Forums
:: Home :: Get Hosted :: PPM FAQ :: Forum FAQ :: Privacy Policy :: Search :: Memberlist :: Usergroups :: Register :: Profile :: Log in to check your private messages :: Log in ::


The time now is Fri Mar 29, 2024 1:25 am
All times are UTC + 0
Malware detection
Moderators: Global Moderators
Post new topic   Reply to topic Page 1 of 1 [9 Posts] Mark the topic unread ::  View previous topic :: View next topic
Author Message
Vaz
Civilian


Joined: 30 Jan 2014

PostPosted: Mon Feb 17, 2014 1:45 pm    Post subject:  Malware detection Reply with quote  Mark this post and the followings unread

Greetings.

Today I ran a scan with Malwarebytes and it found that the voxel section editor and the os hva builder programs are some kind of malware.

To be precise, its the installers that it detects rather than the program, the installer exes.

The exact term it uses to define both is PUP.Optional.Miner

I downloaded them both from this very site so I'd like to know why does Malwarebytes categorizes these two files as malware.

False positive? Anyone else got this too?

Back to top
View user's profile Send private message
dodgevipergts
Chem Warrior


Joined: 31 Jan 2011

PostPosted: Mon Feb 17, 2014 3:14 pm    Post subject: Reply with quote  Mark this post and the followings unread

There'll be false positives. VSE and HVA Builder are completely safe, i've been using them for years.

Back to top
View user's profile Send private message
Vaz
Civilian


Joined: 30 Jan 2014

PostPosted: Mon Feb 17, 2014 3:55 pm    Post subject: Reply with quote  Mark this post and the followings unread

Been using them for years too, but this really got my attention.

Back to top
View user's profile Send private message
^Rampastein
Rampastring


Joined: 11 Oct 2008
Location: Gensokyo

PostPosted: Mon Feb 17, 2014 4:06 pm    Post subject: Reply with quote  Mark this post and the followings unread

You should be able to send the files to Malwarebytes for manual verification some way. Usually anti-malware companies offer a way to send them possible false-positives or malware with a form on some support site or by email.

_________________
CnCNet Client | CnCNet TS patches | More Quality-of-Life Improvements for RA Remastered


Back to top
View user's profile Send private message ModDB Profile ID Facebook Profile URL
Banshee
Supreme Banshee


Also Known As: banshee_revora (Steam)
Joined: 15 Aug 2002
Location: Brazil

PostPosted: Mon Feb 17, 2014 5:00 pm    Post subject: Reply with quote  Mark this post and the followings unread

There is no malware in these programs. I assure you. Their source code is available for everyone at http://svn.ppmsite.com, so you can verify everything that it does if you desire. The installer just copy the files you need to run VXLSE III and OS HVA Builder, install the shortcuts and add an uninstaller link to the system.

I won't send false positive report for programs that I don't use at all due to their own incompetence. It's up to them to fix this problem.

Back to top
View user's profile Send private message Visit poster's website Skype Account
Orac
President


Joined: 11 Jul 2008
Location: New Zealand

PostPosted: Mon Feb 17, 2014 8:51 pm    Post subject: Reply with quote  Mark this post and the followings unread

Banshee wrote:
It's up to them to fix this problem.

But won't they remain unaware of the problem until it's brought to their attention? #Tongue

Back to top
View user's profile Send private message
Exley
Commander


Joined: 09 May 2011
Location: Approaching the Great Pyramid

PostPosted: Mon Feb 17, 2014 9:21 pm    Post subject: Reply with quote  Mark this post and the followings unread

I get same thing with Avira for TS AI editor
but just ignore it

even if you use exe compressor on programs
AV programs will report some crap

_________________
Quote:

how did we end up here ?

this place is horrible ...

smells like balls ...


Back to top
View user's profile Send private message
^Rampastein
Rampastring


Joined: 11 Oct 2008
Location: Gensokyo

PostPosted: Mon Feb 17, 2014 9:46 pm    Post subject: Reply with quote  Mark this post and the followings unread

Exley wrote:
even if you use exe compressor on programs
AV programs will report some crap

That's because malware likes using different kinds of compression to evade detection, and not that many legal software (used by the average computer user) utilize those rare compression methods.

With Malwarebytes the detection isn't a serious issue since it's only an on-demand scanner, and modders often know the tools they're using quite well (VSE and OS HVA Builder in this case). If it was, let's say an installer for a mod (meaning used by non-tech savvy people) and a real-time scanner detecting it, I'd contact them to fix the false positive because AV companies often like adding signatures to detect files mostly because other AV companies also detect the same file, meaning that over time most AV companies would probably detect the installer and the mod's image would be ruined for the general public (source: http://research.pandasecurity.com/automated-false-positives/ and the same Kaspersky Lab experiment they talk about in that blog post).

_________________
CnCNet Client | CnCNet TS patches | More Quality-of-Life Improvements for RA Remastered


Back to top
View user's profile Send private message ModDB Profile ID Facebook Profile URL
Vaz
Civilian


Joined: 30 Jan 2014

PostPosted: Mon Feb 17, 2014 11:46 pm    Post subject: Reply with quote  Mark this post and the followings unread

Thanks for the responses, just wanted to get this clear.

Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic Page 1 of 1 [9 Posts] Mark the topic unread ::  View previous topic :: View next topic
 
Share on TwitterShare on FacebookShare on Google+Share on DiggShare on RedditShare on PInterestShare on Del.icio.usShare on Stumble Upon
Quick Reply
Username:


If you are visually impaired or cannot otherwise answer the challenges below please contact the Administrator for help.


Write only two of the following words separated by a sharp: Brotherhood, unity, peace! 

 
You cannot post new topics in this forum
You can reply to topics in this forum
You can edit your posts in this forum
You can delete your posts in this forum
You can vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © phpBB Group

[ Time: 0.1487s ][ Queries: 11 (0.0089s) ][ Debug on ]