Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Discussion about the game and its default mods.
Post Reply
psaez
Posts: 18
Joined: Sun Jul 17, 2016 8:37 am

Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by psaez »

Hi

First of all, ok, you can say and think that are false positives, but hey, 4 false positives is too much. If openra wants to reach more people, needs to solve its positives in virustotal.com for the Windows version. It's inadmissible to have 4 positives.

I even downloaded the portable version and it haves 3 positives. I even disscovered that the executables of the main games, for example "RedAlert.exe" have positives in virustotal. And not a random antivirus, Malwarebytes points a positive in that exe file.

I never install anything with more than 0 positives in virustotal. Never. And like me, thousands of people do the same, before installing anything, check it in virustotal.com. I did maps for openra in the past and tryed to collaborate with the project, but when I did, the installer had 0 positives in virustotal. Today I was thinking in returning to the game after some years, and now, I can't do it, not with 4 positives.

This must be solved.

User avatar
Sleipnir
Posts: 878
Joined: Wed Apr 10, 2002 11:52 pm
Contact:

Re: Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by Sleipnir »

The four scanners that report detections are "Bkav Pro", "Jiangmin", "Webroot", and "Malwarebytes". I have never heard of the first three, and all the results I see when searching these names in Google are forum/reddit/etc posts complaining about false positives and asking how to fix them (and usually comments explaining that these vendors do not respond to support requests to remove false positives).

Malwarebytes reports "MachineLearning/Anomalous.97%" which means that it does not detect any known viruses, but its machine learning algorithms notice code patterns that it does not see very often. OpenRA uses some very custom optimizations to improve performance, so this is not unexpected.

It is sad that this happens but there is nothing more we can do in OpenRA to fix this. The problem is with VirusTotal, not with OpenRA.

Matt
Posts: 1144
Joined: Tue May 01, 2012 12:21 pm
Location: Germany

Re: Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by Matt »

This will also block https://community.chocolatey.org/packages/openra#virus from publishing beyond other problems with their install test VM environment.

Recently OpenHV was blocked by Avira Antivir resulting in a white screen where it didn't write any log files. The setting to unblock was quite hidden in the UI. They had a submission form where people could report false positives and we even got a reply from staff telling them that OpenHV was indeed safe.

psaez
Posts: 18
Joined: Sun Jul 17, 2016 8:37 am

Re: Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by psaez »

any news on this? I'm considering to buy the command conquer remastered edition if this problem is not solved

that was not my intention, but if openra can't solve its problem of 4 positives in virustotal, unfortunatelly I will not install it anymore

can anynone pass this post to the managers/admins of openra? maybe it can help to the project if they can see that these positives are causing a problem

if openra considers that are false positives, openra must talk with the four antivirus and ask them to remove the false positives, at least try it, if some of these antivirus don't answer, at least try, dont ignore this problem.

User avatar
Punsho
Posts: 143
Joined: Wed Jul 18, 2018 2:56 pm
Location: Lithuania

Re: Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by Punsho »

psaez wrote:
Tue Jul 06, 2021 7:41 am
can anynone pass this post to the managers/admins of openra? maybe it can help to the project if they can see that these positives are causing a problem
2 of them had just responded

Matt
Posts: 1144
Joined: Tue May 01, 2012 12:21 pm
Location: Germany

Re: Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by Matt »


psaez
Posts: 18
Joined: Sun Jul 17, 2016 8:37 am

Re: Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by psaez »

Matt wrote:
Tue Jul 06, 2021 12:48 pm
Go to https://support.malwarebytes.com/hc/en- ... es-Support if you use their software.
unfortunatelly I don't have an account, I simply use virustotal online tool
Punsho wrote:
Tue Jul 06, 2021 9:10 am
2 of them had just responded
thank you for clarifying

thank you all for your work in this great project, maybe in the future I will come back, if the virus alerts problem is solved, but now, it's simply not assumable for me to install this program with 4 virus alerts. Please, don't ignore this problem, do anything you can to solve it. It will help the project.

Matt
Posts: 1144
Joined: Tue May 01, 2012 12:21 pm
Location: Germany

Re: Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by Matt »

There is nothing we can do to solve those faulty detections.

Matt
Posts: 1144
Joined: Tue May 01, 2012 12:21 pm
Location: Germany

Re: Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by Matt »

You can always start https://github.com/OpenRA/OpenRA/wiki/Compiling from source yourself.

Matt
Posts: 1144
Joined: Tue May 01, 2012 12:21 pm
Location: Germany

Re: Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by Matt »

We are now down to 2/61 https://www.virustotal.com/gui/file/261 ... 1639463464 via https://community.chocolatey.org/packages/openra#virus which also cleared the package due to them being obvious false positives.

Matt
Posts: 1144
Joined: Tue May 01, 2012 12:21 pm
Location: Germany

Re: Virustotal: 4 virus found in last windows installer, even Malwarebytes...

Post by Matt »

https://forums.malwarebytes.com/topic/2 ... nt-1493612 is already on the whitelist which VirusTotal can't pick up. https://forums.malwarebytes.com/topic/2 ... planation/ explains the downsides of using machine learning to detect anomalies and why false positives will occur frequently using this method.

Post Reply