Virus on EQ2MAP Updater? [confirmed no virus]
Donīt want to spoil the fun, but i tried the download several times today and everytime my Scanner (AntiVir. Version 6.31.00.01) warned me about the Trojan Dldr.IstBar.it.1.
The same on the Sourceforge files. The eq2Interface Main package is unaffected. Only the "EQ2MAP Updater" seems to be infected. Real problem or is just my scanner telling some weird tales? |
I checked the install file and install directory with norton antivirus and spysweeper and niether found anything. i am the author of it though so feel free to wait for a response from someone else.
if you are still scared you could even just compile the program yourself using the source code (Assuming you know how) also the installer was made using NSIS, which is an open source installation creator found at http://nsis.sourceforge.net/ what antivirus are you using? |
Scans fine on this windows machine and on the server via clamscan
|
I checked it with NOD32, no problems found.
perhaps Fanryan, someone has gotten into your browser and is linking viruses through random downloads. ( do you use IE? ) |
Not having scanned it myself... But I would say its down to your scanner.. I have 100% trust in the guys that write stuff here inc .exe files... Unless the download has been hacked in some form, Its just gotta be down to the nature of the code it contains.. If you thik about it, It is a high security risk letting an .exe file connect to the net and download / replace files on your system... But then again MS does it all the time lmao!
As long as you got the file from here or the proper map site (sorry dont recall the url offhand =/) All will be fine.. there has been a couple of bugs peeps have reported in the new version but no virus!! Personaly I would say this is one of very few sites where you can download with no worries... Its down to the nice nature of guys / girls that reside here and also damn good site management by Dolby, Kudane and others :) |
McAfee Security Suite 8.0 scans it fine. No Problems.
If you have such a virus, maybe the virus is attaching it self to files (.exe) as you run them. The virus is probably in another executeable that you ran and now in your machine. A true trojan virus, as it is masking itself into recently dl'ed ran progies that you are using. I suggest a FULL scan of your system, AND run HiJack, a program that is free to download and will tell you if anything suspicious is hiding (even beyond virus progs) on your machine. dn |
Got Virus Warning on Uninstaller
I got after an update of my virus scanner a warning, telling me, the uninstaller of EQ2 Map Auto Updater would contain the trojan "TR/Dldr.IstBar.it.1".
(The setup file showed the same infection after opening the folder.) As I don't feel safe enough to use the updater right now, I'd ask if anyone else got warnings -with fresh anti virus signatures-, or if I should check my scanner. Somehow hoping it's false alarm, but better safe than sorry. You may close this thread, I found another one here |
My Computer and Notebook have found the Trojan Dldr.IstBar.it.1 in the Uninst.exe
|
Again no virus here using multiple flavors of scanners. I check every report to make sure.
AVG Free, Norton 2005, Trend Micro (3 different computers) Its safe. What Anti-Virus software you guys using? |
here is the full details of what the installer does. this is the file i have created to make the installer using NSIS
Code:
; HM NIS Edit Wizard helper defines |
I use AntiVir ( http://www.free-av.com/ ) and after i update the AntiVir-Files yesterday evening, it found the Trojan Dldr.IstBar.it.1 in the Uninst.exe at start up Windows and when i scan the eq2-map folder.
|
I'm running Norton's Internet Security and just checked too, I got no Trojan. I'm usually wary of freeware antivirus software, simply because I've had problems with them before.
|
I use antiVir since 3 years and have no problems. I've read some tests about free-av and it's a very good antivir-software with 3-5 updates every day. And the performance is better as other software how Norton, Kaspersky...
But i don't know what the problem is with the uninst.exe . Can someone check this? Sorry about my bad english. :D I'm from switzerland. |
Cant find any info on that trojan... closest I can find is: http://sarc.com/avcenter/venc/data/adware.istbar.html
All I can tell you is its clean here (heck taco-man even posted the source code for that exe). checked about 15 times now on multiple machines and had friends check it too. |
Using your anti-virus I get the same warning now. However since AVGFree, Trend Micro, Norton, McAfee, ClamAV all dont have trouble with it I feel confident in saying its a pattern problem on AntiVir's end.
|
please see this news on NSIS's webpage. http://nsis.sourceforge.net/index.ph...D=2&tt_news=24
if you still dont believe me, NSIS is open source and you can have a look for yourself at the source code and see that it doesnt have spyware/viruses/trojans. Sorry to anyone who has antivirus software that has false positives, all you can do is report it to your antivirus software vendor and hope they fix it. Luckily none of the major anti-virus have false positives, it just appears that the smaller less known/maintained do. |
Send File to AntiVir
I send the file to AntiVir yesterday.
Till now i didnīt get a direct reply but they updatet their scanner today and tadaa NO Virus is found in the EQ2MAP_Updater. So at least i assume they got mail about the problem :o Sorry for stirring things up. |
Quote:
*Goes back to lurking in the shadows* |
Quote:
|
Well
In all honesty, I do not trust Norton / Mcafee, waste of money. My friends mother bought the Suite Edition, and after a long scan... no virsus.
Yet, I ran my trusted AVG and it found, no lie 73 virsuses. My friend was stunned. The program is CONSTANTLY updated 5 days aweek, sat / sun no updates but any other time during the week it will update. Why waste money on virus protection thats only partail? :mad: Anywho, I just did a quick scan to see myself, I came up clean. So I too can verify that the files are untampered. :nana: |
No problems
I have been running EQ2mapautoupdater with no problems and no viruses or anything discovered and I am a techy nut, so I can strip the files down and search thoroughly through them. Try this, open up the folder with the files in them and do a separate scan of each file, then make sure you have the hidden files (if any) available for view and check those also. But at the same time I have to agree with you on the reliability of Norton and Mcafee.
|
Tried with 2 different computers. One running WinXP Pro SP2 and McAfee Enterprise 8.0, the other running WinXP Pro (no SP at all) with Avast 4.7; each one with all the virus database updates. Neither computer found a virus in the installer or the app.
Thank you for writing a great program :D |
I use Avast 4.7 Anti-Virus Pro. on 1 computer and Kaspersky Anti-Virus 6 on the other, both computers have EQII on them, both run EQIIMap.
The only FALSE problem I have encountered with Avast, was whence installing BLP2 Viewer it says that it is a trojan, when it's not...it's false labeling a .exe, a virus. You must have that problem with yours |
Just want 2 re assure u guys
I have downloaded it on my 3 computers and i got a trojen warning but i had a family member walking me though the process and said everythig was fine. IT WAS! I learned most programes they block is te program is un sure.:nana::nana::nana::nana::nana::nana:
|
Virus
I use AVG Antivirus and it has put everything in quarantine.
|
Avast antivirus flags the Updater 1.3.0 as malware and quarantines it. Malwarebytes flags it as well.
Here's the link to Virustotal with the scan: https://www.virustotal.com/gui/file/...ddff?nocache=1 |
I really hope there is no virus.
I use McAfee my self and it has not reported anything. I use NSIS for the installer, always have. I hope i can trust the site i downloaded it from. https://nsis.sourceforge.io/Download I'm not sure how i could test this any other way :( |
As far as I can tell it looks like false positives but I have reverted the main download back to 1.2.10 for now. I'll submit the new 1.3.0 as a false positive so some of the larger AV's to have them check it out.
This happens sometimes and I've had to do it before. |
I hope its quick as 1.2.10 is not supported anymore.
By the way there is already a new version coming later today as i found a bug for new users. |
1 Attachment(s)
This should be cleared up soon I hope. Just received a reply from AVG:
Quote:
I have also submitted it to Avast (no word from them yet) and Microsoft and so far things are looking good there. |
1 Attachment(s)
Avast, AVG and Microsoft Defender have all came back saying the file is clean and they will update their signatures. I have put version 1.3.0 back.
This is certainly a false positive and like I said those three have updated their definitions and no longer alert on eq2map https://www.virustotal.com/gui/file/...ddff/detection There are still a few more to contact but going to wait a little bit to see if the other AVs follow suit. |
1 Attachment(s)
jnils released 1.3.1 of the eq2map updater and after submitting the exe to Microsoft first it seems to have helped.
https://www.virustotal.com/gui/file/...15f4?nocache=1 |
avast still sees the updater as a virus as of 130 est on december 1st. tried doing an exception but that didnt work. keep getting an error message that the file cant be found.
|
Quote:
|
If you follow the link you see avast clears the file.
|
Quote:
|
If its up to date it should clear it.
Else i have no clue how to solve it, i don't use Avast. |
All times are GMT -5. The time now is 04:10 PM. |
vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© MMOUI