pouët.net

WTF ! virus in demo

category: general [glöplog]
AVP antivirus has detected a possible Mail Bomb in the "suboceanic" 64k demo. Can anybody confirm this. Also, why does this small zip file make my drive work like crazy when I extract it. This is really suspicious.

http://www.pouet.net/prod.php?which=18343
added on the 2006-03-15 01:05:13 by duffman duffman
everything fine here...
no mail bomb, no crazy working hdd...

check if you loaded the file from scene.org, it should be all right..
added on the 2006-03-15 01:15:09 by v3nom v3nom
well, we've seen such things, tho...
added on the 2006-03-15 01:43:06 by kelsey kelsey
virus scanners often report false positives in intro executables, mostly because they use an exe packer. If something like that is reported to you, an update of the virus scanner often helps.

Quote:
Also, why does this small zip file make my drive work like crazy when I extract it. This is really suspicious.
Your system is low on resources or your hdd was shut down.
antivirus .. bleh.
added on the 2006-03-15 09:01:07 by _-_-__ _-_-__
Quote:
virus scanners often report false positives in intro executables, mostly because they use an exe packer


packers don't have anything to do with it afaik. Virus signatures are done by least byte comparison, which packing has no effect on (ie: the comparison is done on whatever code is there, whether it's packed or not).
added on the 2006-03-15 12:13:01 by defbase defbase
Well, still some intros (even 4k ones) are usually reported by virus scanners! Why does this happen? Or is it that their code is so 1337 which makes it suspicious ;)
added on the 2006-03-15 12:30:00 by Optimus Optimus
eh... the first word in your post answered your question
added on the 2006-03-15 13:07:21 by raymon raymon
defbase: and thats why it always reports the actual unpacking code-stub as virii.
added on the 2006-03-15 13:07:32 by Gargaj Gargaj
It's for such reasons only lamers use antivirus programs!
added on the 2006-03-15 13:13:29 by nitro2k01 nitro2k01
Only thing I know is that some AV programs recognize Mew packed .exe files as infected.
added on the 2006-03-15 16:39:12 by noouch noouch
mew worked quite well for me so far. however some versions of upack may bring nightmares.
golden rule: for as long as shane didnt manufacture the production, you're pretty safe virus-wise and it's prolly just a false warning...
Yep, got me a virus warning too with an exe packed with MEW11. The funny thing was that I had compiled and packed the thing myself :)

I'm going to link to a thread here that I started about harful code in demos so that we don't have to repeat the whole discussion again: http://www.pouet.net/topic.php?which=2506
added on the 2006-03-15 20:15:03 by El Topo El Topo
I thought the word already spread, that packed executables can appear as viruses to scanners...
and tomkh is such a nice guy, why would he put a virus in his intro :)
added on the 2006-03-15 21:47:14 by styx^hcr styx^hcr
As I said, virus scanners are for lamers. If you can't keep your windows-datan clean from virii, you don't deserve to own a windows-datan.
added on the 2006-03-15 22:15:57 by nitro2k01 nitro2k01
Quote:
defbase: and thats why it always reports the actual unpacking code-stub as virii.
Viruses, please. That is the only correct plural form. Thanks!
added on the 2006-03-16 07:22:54 by wayfinder wayfinder
What? I wasn't talking about viruses, I was talking about virii.
added on the 2006-03-16 08:38:26 by nitro2k01 nitro2k01
oh come on wayfinder, virii sounds way cooler! just as the plural of penis is penii and the plural of genius is genii!

^_^
added on the 2006-03-16 09:22:14 by okkie okkie
David Hasselhoff is the demo virus exterminator give him a call.
added on the 2006-03-16 14:16:40 by Mike 3D Mike 3D
So, is Optimii really Optimuses or Optimii? I never got the ii plurar concept ever :P
added on the 2006-03-16 16:59:10 by Optimus Optimus
idioti
added on the 2006-03-16 17:20:08 by Navis Navis
Quote:
as long as shane didnt manufacture the production, you're pretty safe virus-wise

Reminds me a quote from my favorite movie:
"Bellamy, for cryin out loud! That's the stinking, most awful, stupid joke and you're always pullin' that stinking awful stupid joke! You don't want in this thing, you don't get in this thing! I cut you in on everything! I don't need you, sixty feet of bridge I can get almost anywhere! ... Schmuck..."
added on the 2006-03-16 17:23:42 by Gargaj Gargaj
Thank you all, anyway I disabled AVP monitor and the demo ran fine.
added on the 2006-03-16 18:12:05 by duffman duffman
bwahaha, he actually believed us. Fool. :)
added on the 2006-03-16 18:15:04 by kb_ kb_

login