Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

win32:malware-gen (avast antivirus false-positive?) #58

Closed
zeblau opened this issue Apr 27, 2015 · 7 comments
Closed

win32:malware-gen (avast antivirus false-positive?) #58

zeblau opened this issue Apr 27, 2015 · 7 comments

Comments

@zeblau
Copy link

@zeblau zeblau commented Apr 27, 2015

Is there a way to know for sure the windows client is not virus infected, e.g. false positive?

@mank319
Copy link
Owner

@mank319 mank319 commented Apr 27, 2015

I am going to compile it again and install Avast on my Windows VM that I have set up for the sole purpose of compiling and packaging Go For It! . I have set up a new VM since I built the binaries currently on my download page, so if the old installation was infected by anything, this would be fixed by now. Thanks for reporting - if there was anything wrong, we'd need to fix that as soon as possible!

@mank319
Copy link
Owner

@mank319 mank319 commented Apr 27, 2015

You can also compile it with the script winbuild.bat in the windows branch. You need Gtk 3.10 and valac 0.24, which is a pain to install on Windows - but possible.

@mank319
Copy link
Owner

@mank319 mank319 commented Apr 27, 2015

I disabled the Windows download for now, until we got this sorted!

@mank319
Copy link
Owner

@mank319 mank319 commented Apr 28, 2015

I compiled it again with the newest sources, new GTK release and, as said earlier, on a recently installed VM. Scanning with Avast does not show any suspicious activity.

I have no idea why you have experienced the issue, but it is fixed now! If my old VM was not infected by some sort of malware that attaches itself to binaries, there must be a "harmless" explanation. Maybe the Installer Studio created suspicious patterns of some sort?

I have just composed a blog post to inform users about the incident and about actions to be taken.
Thanks so much for reporting this @zeblau!

By the way: Could you please confirm, that the recent version passes the Avast test on your system too?

@mank319 mank319 closed this Apr 28, 2015
@zeblau
Copy link
Author

@zeblau zeblau commented Apr 28, 2015

At work we have Symantec Endpoint Protection, which pop-upped saying that the windows build of Go-For-It was "seen" less than 50 times, which makes sense, but otherwise no problems. Now, I scanned with Malwarebytes Anti-malware at work, and there is really no problem here at the moment. So my suspicion is that it is just a false-positive and no worries. I will scan the latest windows build at home with Avast. And let you know.

@jamtraks
Copy link

@jamtraks jamtraks commented Sep 2, 2017

my avg anti virus software keeps detecting this "win32:malware-gen" at the end of each launcher download and will not allow openrct to run. I was told that it is a false positive and nothing to worry about, anyone know what this is and why i'm getting this message, is a separate virus/malware injecting or initiating this file, or is this something that is attached to the launcher's download? and if so ... why>?

@JMoerman
Copy link
Collaborator

@JMoerman JMoerman commented Sep 2, 2017

@jamtraks Did you mean to post here? You're speaking of openrct and a launcher, which doesn't have anything to do with Go For It!.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
You can’t perform that action at this time.