
malware in download


svone100

None of the scanners on virustotal shows anything about a false positive, 0/51 https://virustotal.com/en/file/7641dbb095d0d24570585a5bfea45b54150c20cd02384618d097c5dfcd645632/analysis/1467903892/

 

So I guess it must either be a paranoid detection system that triggers the false positive, or you have Norton. If it's Norton, then always make sure you look at the message; WS-Reputation and WS-Suspicious is not a virus.


At least 1 of the scanners shows that it is likely to contain Malware, 1/52: https://virustotal.com/en/file/7641dbb095d0d24570585a5bfea45b54150c20cd02384618d097c5dfcd645632/analysis/1467933327/

 

Besides, it's rather easy to hide Malware and make it go undetected. I certainly don't want to spread any fear but I'd put my money on it that it does contain some shady components that might infringe your privacy.

 

If you have nothing to hide, FunkyFr3sh, why don't you make it open source? Why does CnCNet obfuscate everything? Why are you reading private data like MAC addresses? I know the answers, you want to protect yourself against cheaters, etc. etc. blahblahblah but two wrongs still don't make it a right. The ones who suffer are the casual fair players.

 

 

 


If he has Qihoo-360 then it would explain the detection, if not, read my post above.

 

Sure, a lot of malware will not be detected until the antivirus companies have updated their database with the needed information, but that's not what this case here is about. The scanners show there was nothing found but he still got a warning, so there must be something that triggers the false positive. Norton is very well known for its WS-Reputation alerts.

 

Rampastring is currently working on his client; from what I know he will be making it open source. You can't just make something open source that was not meant to be open source right from the start; you need to add additional checks to verify values to ensure someone can't simply change 1 line of code to start with 9999999 cash instead of 10000 :P Modern client-server games verify all values server side, so even if you would raise your cash to 999999 it would not help at all; the server has the final word on it. The old cnc games are not that smart, but things are getting better, one byte at a time.

 

Edit:

> I'm using Avast as antivirus and it blocked the download?

 

Posted at the same time as you. According to VirusTotal you should not end up with a detection then. I have never used Avast; is there maybe any form you can use to report the file as a false positive? They should be able to fix it up within a few days.


> Rampastring is currently working on his client; from what I know he will be making it open source. You can't just make something open source that was not meant to be open source right from the start; you need to add additional checks to verify values to ensure someone can't simply change 1 line of code to start with 9999999 cash instead of 10000 :P Modern client-server games verify all values server side, so even if you would raise your cash to 999999 it would not help at all; the server has the final word on it. The old cnc games are not that smart, but things are getting better, one byte at a time.

 

I absolutely agree with you, FunkyFr3sh. Although I want to add that you can indeed start RA2/YR games with >10000 money, but every player will start with the same amount of money. If you do somehow increase only your own money, the other players' games will go out of sync (Reconnection Error) as soon as you keep building stuff and are hitting below 0 credits from their point of view.

 

AFAIK, WOL-Servers were never really meant to do any sort of checking. They just pass data through and act like IRC-Servers (which they are). You can easily start games with >10000 credits on XWIS and even a player who isn't the host can forcibly start a game or change the map with the appropriate GAMEOPT/STARTG commands. People have abused that in the past. The XWIS server is literally dumb af and so was WOL. You could even upload random stats (called ladder hacking). It's really bad. Westwood and security don't go together well.  :P

 

I also agree with the not making stuff open source which was not meant to be open source. That's also the very reason my hacks aren't open source. Simply for the very reason that they do, like most any other trainer for that reason, contain malware and they in themselves are malware as well. It's extremely easy for any skilled developer/hacker to hide malware and most malware goes undetected for years until it reaches a certain amount of distribution and ends up being analyzed by the right people or anti-virus manufacturers themselves.

 

 

> I'm using Avast as antivirus and it blocked the download?

 

If you keep having trouble you could post a screenshot of your antivirus settings here and someone who knows Avast might be able to help you out getting it to work.  :)

 

 

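The server-side checking discussed in the two posts above, as an added example that is not part of the thread and not code from CnCNet, WOL or XWIS: a lobby server that validates option and start messages itself instead of relaying them. The message fields, credit limits, player names and map names are hypothetical.

```python
from dataclasses import dataclass, field

# Hypothetical limits and names; the real lobby message formats are not on the page.
ALLOWED_CREDITS = range(2500, 10001, 500)
ALLOWED_MAPS = {"map_a", "map_b"}

@dataclass
class Lobby:
    host: str
    players: set
    options: dict = field(default_factory=lambda: {"credits": 10000, "map": "map_a"})
    started: bool = False

def handle(lobby, sender, msg):
    """Validate one client message. Returns (True, broadcast) or (False, reason)."""
    if sender not in lobby.players:
        return False, "sender is not in this lobby"
    if lobby.started:
        return False, "game already started"
    if sender != lobby.host:
        return False, "only the host may change options or start"
    kind = msg.get("type")
    if kind == "set_options":
        credits, game_map = msg.get("credits"), msg.get("map")
        # type() rather than isinstance() so that True/False are not accepted as ints
        if type(credits) is not int or credits not in ALLOWED_CREDITS:
            return False, "credits outside server-allowed values"
        if not isinstance(game_map, str) or game_map not in ALLOWED_MAPS:
            return False, "unknown map"
        lobby.options = {"credits": credits, "map": game_map}
        return True, {"type": "options", **lobby.options}
    if kind == "start":
        lobby.started = True
        # Broadcast the server's stored copy, never values echoed from the client.
        return True, {"type": "start", **lobby.options}
    return False, "unknown message type"

def demo():
    """Run constructed sample messages through the validator."""
    lobby = Lobby(host="alice", players={"alice", "bob"})
    return [
        handle(lobby, "bob", {"type": "start"}),  # non-host tries to start
        handle(lobby, "alice", {"type": "set_options", "credits": 9999999, "map": "map_a"}),
        handle(lobby, "alice", {"type": "set_options", "credits": 5000, "map": "map_b"}),
        handle(lobby, "alice", {"type": "start", "credits": 9999999}),  # extra field ignored
    ]

if __name__ == "__main__":
    for ok, detail in demo():
        print("ACCEPT" if ok else "REJECT", detail)
```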

 

> I absolutely agree with you, FunkyFr3sh. Although I want to add that you can indeed start RA2/YR games with >10000 money, but every player will start with the same amount of money. If you do somehow increase only your own money, the other players' games will go out of sync (Reconnection Error) as soon as you keep building stuff and are hitting below 0 credits from their point of view.
>
> AFAIK, WOL-Servers were never really meant to do any sort of checking. They just pass data through and act like IRC-Servers (which they are). You can easily start games with >10000 credits on XWIS and even a player who isn't the host can forcibly start a game or change the map with the appropriate GAMEOPT/STARTG commands. People have abused that in the past. The XWIS server is literally dumb af and so was WOL. You could even upload random stats (called ladder hacking). It's really bad. Westwood and security don't go together well.  :P
>
> I also agree with the not making stuff open source which was not meant to be open source. That's also the very reason my hacks aren't open source. Simply for the very reason that they do, like most any other trainer for that reason, contain malware and they in themselves are malware as well. It's extremely easy for any skilled developer/hacker to hide malware and most malware goes undetected for years until it reaches a certain amount of distribution and ends up being analyzed by the right people or anti-virus manufacturers themselves.

 

True, I patched Dune 2000 once to set up a higher starting cash and it worked just fine on WOL (actually it was PvPGN lol)

 

> I just tried again and I get a message from Avast: fileRepMalware. What's this?

 

Google says fileRepMalware is caused by a reputation system, which makes sense since this is clearly not what a virus is called! And the "Rep" in the name confirms it too. I never heard about a reputation system in Avast so I'm not sure how it works; you might have to ask in the Avast forums for more details. In Norton the reputation system deletes all files that were downloaded less than 50 times; maybe the one in Avast works the same way?

 
