logo
Main

Forums

Downloads

Unreal-Netiquette

Donate for Oldunreal:
Donate

borderline

Links to our wiki:
Wiki

Walkthrough

Links

Tutorials

Unreal Reference

Usermaps

borderline

Contact us:
Submit News
Page Index Toggle Pages: 1 Send TopicPrint
Normal Topic Trojan in the patch 227i? (Read 595 times)
Daemonum
New Member
*
Offline


Oldunreal member

Posts: 1
Joined: Dec 22nd, 2018
Trojan in the patch 227i?
Dec 22nd, 2018 at 2:32pm
Print Post  
Hi guys, i'm new here but an old Unreal lover and an old Oldunreal patch user.
Today I downloaded the patch but Avira has detected a trojan in the file and blocked it. I think it's a false positive, can you confirm please? Thank you!



(It's Italian but I think it's understandable)
  
Back to top
 
IP Logged
 
shoober420
Betatester
Offline



Posts: 286
Location: US
Joined: Jun 17th, 2012
Gender: Male
Re: Trojan in the patch 227i?
Reply #1 - Dec 22nd, 2018 at 4:15pm
Print Post  
Its a false positive dude lol

Avira has very strong heuristic analysis, meaning if it finds a program with similar behavior of a virus, even when its not a Virus, it will get flagged as "AGEN".

I personally wouldnt use any AV software, and just watch the things youre downloading. All you need is a firewall. AV software bogs down your machine and makes it slow, just like a virus. AV software is actually, a virus if you think about it.
  
Back to top
IP Logged
 
Hyper
Board Moderator
Betatester
*****
Offline


It's Unreal.

Posts: 2994
Joined: Oct 11th, 2002
Re: Trojan in the patch 227i?
Reply #2 - Dec 22nd, 2018 at 11:18pm
Print Post  
  
Back to top
WWW  
IP Logged
 
Dr.Flay™
Senior Member
****
Offline


ChaosUT-333networks

Posts: 368
Location: Kernow, UK
Joined: Dec 9th, 2012
Gender: Male
Re: Trojan in the patch 227i?
Reply #3 - Dec 23rd, 2018 at 5:08am
Print Post  
Avira are quick to work on files you submit.
Just upload or link any files via the site, and select "Suspected False Positive"
https://analysis.avira.com/
Explain why you think the file is OK (point at this site)

Within a day or 2 it should be cleared.


I never recommend that people get rid of AV unless they are nerdy enough to already know how to spot malware or strange tasks running in the system.
That is just opening the door to trouble, unless you also put in the effort to train the person giving up the AV.

What works for you may not for others.

A firewall (or HOSTS blocklist) is 1 important part of a set of protective layers.
It is nothing like an AV. It cannot protect you from malvertising or malware in legitimate sites,or your email, and it can't protect your USB or bluetooth connections.

A firewall blocks IPs and will not stop malware from changing data in a file or section of memory, and it certainly won't stop ransomware from encrypting a drive, even though it stops it from talking to a server.
It won't help if your DNS has been poisoned or redirected and you can't trust the IPs
It also relies on pre-knowledge of bad IPs so is always behind.

A good AV will also block access to bad IPs, and sandbox unknown files until they are cleared.
MS finally just added this optional feature to theirs (took them a very long time). By default MS security lets you use an unrated file with no restrictions.

Yes AV will slow the system down, but depending on the AV and settings, it varies from unnoticeable to almost giving up waiting for anything to open.
MSE on my Win7 multicore laptop slows it down very often, and I regularly have to wait until the mouse responds.
But with Qihoo running on the XP x32 rig, after it finishes loading it is difficult to notice any lag at all.
Many AV let you set it so they only scan when writing a file, instead of both reading and writing it.
If you start from a clean trusted system, this will remove most of the lag you get.

Bad AV may as well be malware. I remember when Norton used to delete important system files, bricking peoples PCs, and after 1 update it couldn't recognise itself and started to delete its own files until crashing.
Bad AV end up in the news for all the wrong reasons, making everyone assume they are all as bad.
Good AV are in the news all the time releasing info on the new threats and hacking campaigns.
They can only do this because people use AV and security solutions all over the globe.
Manually finding and submitting all the malware is not a useful solution in 2018. It was in 1999 but things have changed.

(Calling AV a virus is only accurate if it installed itself without your knowledge and then infected your system so it can make copies of itself and spread to other systems.)
  
Back to top
IP Logged
 
Smirftsch
Forum Administrator
*****
Offline



Posts: 7928
Location: at home
Joined: Apr 30th, 1998
Gender: Male
Re: Trojan in the patch 227i?
Reply #4 - Dec 23rd, 2018 at 11:40am
Print Post  
yes, the patch caused a few times over the ages such false positives. Please send them to any AV Software which may report this and let them check it, we have nothing to fear here. Unless one of the servers hosting the patch being infected the files are definitely clean (which is really unlikely).
  

Sometimes you have to lose a fight to win the war.
Back to top
WWWICQ  
IP Logged
 
Page Index Toggle Pages: 1
Send TopicPrint
Bookmarks: del.icio.us Digg Facebook Google Google+ Linked in reddit StumbleUpon Twitter Yahoo