Jump to content

Photo

Playground download- virus detected?


16 replies to this topic

#1 DuaneAL OFFLINE  

DuaneAL

    Space Invader

  • 49 posts

Posted Thu Mar 8, 2018 3:54 PM

I've been trying to download Playground from the develpoment resources page.  I get "virus detected".  Has anyone else had this happen? 



#2 discgolfer72 OFFLINE  

discgolfer72

    Moonsweeper

  • 271 posts

Posted Thu Mar 8, 2018 4:03 PM

I just tried and IE would not even download it  deleted before it even finished



#3 ti99iuc OFFLINE  

ti99iuc

    Stargunner

  • 1,469 posts
  • Location:Italy

Posted Thu Mar 8, 2018 4:18 PM

I'm using the Avast Free Antivirus on my PC and no virus detected.

maybe it could be a false positive of your antivirus program.



#4 DuaneAL OFFLINE  

DuaneAL

    Space Invader

  • Topic Starter
  • 49 posts

Posted Thu Mar 8, 2018 4:20 PM

Discgolfer, Yeah, That was what happened to me.  I need to be more clear in my explanations!  Thanks for trying.


Edited by DuaneAL, Thu Mar 8, 2018 4:21 PM.


#5 DuaneAL OFFLINE  

DuaneAL

    Space Invader

  • Topic Starter
  • 49 posts

Posted Thu Mar 8, 2018 4:43 PM

So, I am running Opera, I have turned off my virus protection and firewall and shutdown Malwarebytes.  I don't see any virus protection active anywhere.  I'm still getting "virus detected".  I'm not sure what program is throwing the message now.  Windows defender is off.  Any ideas?



#6 Schmitzi OFFLINE  

Schmitzi

    River Patroller

  • 4,330 posts
  • ToXiC
  • Location:Germany

Posted Thu Mar 8, 2018 5:42 PM

Maybe a virus that wants you to shutdown your Antivir, your MalWareBytes, your firewall a.s.o. ? :-D

Can you post a pic of that message ? Or try with Internet Explorer, maybe it comes from this Opera (?)



#7 DuaneAL OFFLINE  

DuaneAL

    Space Invader

  • Topic Starter
  • 49 posts

Posted Thu Mar 8, 2018 6:00 PM

Just tried in microsoft edge.  Mcafee adviser says "woah, that download is dangerous"  It says the domain aa-ti994a.oratronik.de. It gave me the option to download and I checked it with windows defender.  It found no threats.  i guess I'll gn on from here.

 

Thanks for the help!



#8 discgolfer72 OFFLINE  

discgolfer72

    Moonsweeper

  • 271 posts

Posted Thu Mar 8, 2018 6:08 PM

tried with firefox  and no problems

IE and Edge both threw the  threat error



#9 OLD CS1 OFFLINE  

OLD CS1

    Quadrunner

  • 5,314 posts
  • Technology Samurai
  • Location:Tallahassee, FL

Posted Thu Mar 8, 2018 6:53 PM

Run the link through VirusTotal and see what comes up.



#10 DuaneAL OFFLINE  

DuaneAL

    Space Invader

  • Topic Starter
  • 49 posts

Posted Thu Mar 8, 2018 7:31 PM

Came back "No engines detected this URL," 0/67.  Looks clean I guess.  I was able to download (MS Edge)but I had to "Take the risk" .  I ran the demos in Classic99 with no problem then.



#11 Lee Stewart OFFLINE  

Lee Stewart

    River Patroller

  • 3,695 posts
  • Location:Silver Run, Maryland

Posted Thu Mar 8, 2018 10:10 PM

Most antivirus engines will alert on download attempts of software from little-used sites.  And, let’s face it, our software qualifies as “little-used” by any AV metric.  ;)

 

...lee



#12 mizapf OFFLINE  

mizapf

    River Patroller

  • 3,271 posts
  • Location:Germany

Posted Fri Mar 9, 2018 1:12 PM

One thing that seriously annoyed me was that Googlemail rejects my mails if they contain a JAR file. In that special case, I wanted to mail someone a new release of TIImageTool and thought that I could simply add the JAR file as an attachment. The receiver's address is under googlemail.

 

Shortly after sending, I got the reply that my mail was rejected due to dangerous contents. OK, the JAR file. I did not know that all JAR files are dangerous, regardless of their implementation.

 

Next try: Send tiimagetool.zip as attachment.

 

Same result. Googlemail found the tiimagetool.jar in the ZIP file and again rejected my mail. :mad:  :mad:

 

My only chance was to upload tiimagetool.zip to my server and tell the recipient to download it.

 

"Annoyed" is a decent way of expressing how I feel about that.


Edited by mizapf, Fri Mar 9, 2018 1:34 PM.


#13 RickyDean OFFLINE  

RickyDean

    Dragonstomper

  • 870 posts

Posted Fri Mar 9, 2018 1:56 PM

 

Same result. Googlemail found the tiimagetool.jar in the ZIP file and again rejected my mail. :mad:  :mad:

 

As I have to do here when trying to upload a Tar file, rename the extension, or drop it, and tell the people downloading it to rename it back to the original name.



#14 atrax27407 OFFLINE  

atrax27407

    Stargunner

  • 1,011 posts

Posted Fri Mar 9, 2018 3:14 PM

FYI, here is a list of what Google won't handle (which is a lot of stuff):

 

To protect you against potential viruses and harmful software, Gmail doesn't allow you to attach certain types of files, including:

  • Certain file types (listed below), including their compressed form (like .gz or .bz2 files) or when found within archives (like .zip or .tgz files)
  • Documents with malicious macros
  • Password protected archives whose content is an archive

Note: If you try to attach a document that is too large, your message won't send. Learn more about attachments and file size limits.

File types you can't include as attachments

.ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .DLL, .DMG, .EXE, .HTA, .INS, .ISP, .JAR, .JS, .JSE, .LIB, .LNK, .MDE, .MSC, .MSI, .MSP, .MST, .NSH .PIF, .SCR, .SCT, .SHB, .SYS, .VB, .VBE, .VBS, .VXD, .WSC, .WSF, .WSH



#15 majestyx OFFLINE  

majestyx

    Chopper Commander

  • 209 posts
  • Location:Port Carbon, Pennsylvania

Posted Fri Mar 9, 2018 3:48 PM

One thing that seriously annoyed me was that Googlemail rejects my mails if they contain a JAR file. In that special case, I wanted to mail someone a new release of TIImageTool and thought that I could simply add the JAR file as an attachment. The receiver's address is under googlemail.

 

Shortly after sending, I got the reply that my mail was rejected due to dangerous contents. OK, the JAR file. I did not know that all JAR files are dangerous, regardless of their implementation.

 

Next try: Send tiimagetool.zip as attachment.

 

Same result. Googlemail found the tiimagetool.jar in the ZIP file and again rejected my mail. :mad:  :mad:

 

My only chance was to upload tiimagetool.zip to my server and tell the recipient to download it.

 

"Annoyed" is a decent way of expressing how I feel about that.

 

 

Blocking JAR files is pretty standard with all email. My job is in tech support and when trying to email them, we either have to rename the file to have a .txt extension (although some email programs can still detect that it's a jar) or simply put it on Google Drive and send a link to the file. Of course, what you did, zipping and hosting it on a website, will work too!



#16 DuaneAL OFFLINE  

DuaneAL

    Space Invader

  • Topic Starter
  • 49 posts

Posted Fri Mar 9, 2018 4:20 PM

Most antivirus engines will alert on download attempts of software from little-used sites.  And, let’s face it, our software qualifies as “little-used” by any AV metric.  ;)

 

...lee

Thanks, Lee!  You are probably right since the playground download link takes you off Atariage to a German site.  I have downloaded several other things from here that haven't flagged, so I think the this domain is less "little used" than the other one!  :)  



#17 mizapf OFFLINE  

mizapf

    River Patroller

  • 3,271 posts
  • Location:Germany

Posted Fri Mar 9, 2018 4:50 PM

 we either have to rename the file to have a .txt extension (although some email programs can still detect that it's a jar) [...] Of course, what you did, zipping and hosting it on a website, will work too!

 
This is just what I am afraid of in future - mail services deeply analyzing the contents and deliberately blocking messages or content. You just need to unzip the JAR file to find out that it contains Java classes, and then there is not even a need to check for file name extension. My software is not pursuing any bad intentions, and yet I am blocked. Lucky me that I have an own server and Internet domain so that I can offer a download.

 

Although I can configure my mail server to accept every message (it does, and my spamassassin reliably filters the trash), and my web server to offer anything for download, I'm still not on the safe side. For instance, I cannot send mails to Chris (Shift838) on his AT&T address because it seemingly blocks the whole address range of my hoster, maybe because of spammers. I don't know whether this is still the case, but some years ago this used to be a problem. To be precise, 5 years ago already ...

 

How long will it take until we get whitelisting?






0 user(s) are browsing this forum

0 members, 0 guests, 0 anonymous users