Duke4.net Forums: BuildGDX - Virustotal - Duke4.net Forums


BuildGDX - Virustotal  "2 flags"

JOHN007

#1

Hello,

Checking up on BloodGDX, this new BuildGDX is unknown to us, seeing as we haven't updated in maybe over a year. Upon checking the new update, Virustotal has flagged it twice, for "malicious (moderate confidence)" and "Trojan.Packed"?

Link here

https://www.virustot...af426/detection

What exactly is going off here may we ask?

Thanks again.
0

supergoofy

#2

Download only the jar file, or if you don't trust m210 then don't use it, problem solved <_< :)
0

Newken

#3

Don't worry. It looks like false positives.
0

JOHN007

#4

The other version is flagged as well by Virustotal, so both versions are flagged.

With all due respect, I don't personally know the creator of this application, so where's the trust from? All we see is a flagged application. We have downloaded a load of mods and they don't get flagged whatsoever, so the question is, why is this app being flagged?

In a paranoid scenario, this could easily be malicious, custom packed exe with a custom Java also, it's a perfect slip backdoor.

Can't believe this, don't make us buy the shitty remaster, it's a bugged mess of an attempt.

I would gladly purchase BloodGDX, I believe it's worth at least 15-20$, if it was packed correctly and not flagged.

A message to the devs: any chance you could sell the mod that is packed correctly and with any malicious content, if any, removed? You could set up a Patreon and we would purchase through the website, you could email the mod after donating to you.

Should be no reason for BuildGDX to be flagged, unless there's a specific reason why it's a false positive.

It's not like we don't trust the devs, but we don't trust the BuildGDX application, something's going off.
0

TerminX

  • el fundador

  #5

In this case, it's simply complaining because the binary has been packed in order to reduce the file size. Old versions of EDuke32 from way back when we used to run them through UPX would probably set off the same alarms. It's not detecting any specific threat but the application is failing a heuristic check due to said packing. A lot of older malware makes use of the same packing methods in order to try and evade detection of threats that would otherwise be discovered, so the heuristics are targeted at the packing itself now.
0

fgsfds

#6

Virustotal is triggered by OpenAL32.dll inside the jar for some reason. At the same time unpacked dll doesn't trigger any alarms.
0
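
Added example, not part of any post in this thread: a Python sketch of the two observations above, that heuristics react to packing itself and that the native DLL inside the jar is what gets flagged. It lists every PE binary embedded in a jar with its SHA-256 (so each can be looked up on its own) and notes UPX-style section names or high-entropy sections; the function names, the 7.2 cut-off and the sample jar are assumptions constructed here, not BuildGDX files or any engine's real rule.

```python
import hashlib, io, math, struct, zipfile
from collections import Counter

def entropy(data):
    """Shannon entropy in bits per byte; compressed or encrypted data is close to 8."""
    return -sum(c / len(data) * math.log2(c / len(data)) for c in Counter(data).values())

def pe_sections(data):
    """Return [(section name, entropy of its raw bytes)], or None if not a PE file."""
    try:
        pe, = struct.unpack_from("<I", data, 0x3C)           # e_lfanew
        if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
            return None
        nsec, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
        out = []
        for off in range(pe + 24 + opt_size, pe + 24 + opt_size + 40 * nsec, 40):
            size, ptr = struct.unpack_from("<II", data, off + 16)  # raw size, raw offset
            name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
            out.append((name, entropy(data[ptr:ptr + size])))
        return out
    except struct.error:  # truncated or malformed headers
        return None

def scan_jar(jar, threshold=7.2):
    """Yield (entry, sha256, hints) per embedded PE; threshold is an assumed cut-off."""
    with zipfile.ZipFile(jar) as zf:
        for info in zf.infolist():
            data = zf.read(info)
            secs = pe_sections(data)
            if secs is not None:
                hints = [(n, round(e, 2)) for n, e in secs if n.startswith("UPX") or e > threshold]
                yield info.filename, hashlib.sha256(data).hexdigest(), hints

def fake_pe(sections):
    """Constructed test input: bare PE headers around the given (name, bytes) sections."""
    head = b"MZ".ljust(0x3C, b"\0")
    head += struct.pack("<I4sHH12xHH", 0x40, b"PE\0\0", 0x14C, len(sections), 0, 0)
    ptr, table, blob = len(head) + 40 * len(sections), b"", b""
    for name, body in sections:
        table += name.ljust(8, b"\0") + struct.pack("<IIII", len(body), 0, len(body), ptr + len(blob)) + bytes(16)
        blob += body
    return head + table + blob

def sample_jar():
    """Constructed jar (not the real BuildGDX files): one packed-looking DLL, one plain."""
    noise = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    with zipfile.ZipFile(jar := io.BytesIO(), "w") as zf:
        zf.writestr("packed.dll", fake_pe([(b"UPX0", b""), (b"UPX1", noise)]))
        zf.writestr("plain.dll", fake_pe([(b".text", b"\x90" * 512)]))
    return jar
```

`list(scan_jar(sample_jar()))` runs it on the constructed sample; pass a path to a downloaded jar instead to inspect a real file. A hint only means the binary looks packed, which is the same property the heuristic detections in this thread are reacting to.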

pagb666

#7

fgsfds, on 14 May 2019 - 01:54 PM, said:

Virustotal is triggered by OpenAL32.dll inside the jar for some reason. At the same time unpacked dll doesn't trigger any alarms.

Then Virustotal must be a PoS. OpenAL has been out for more than 15 years now.
0

JOHN007

#8

Hello and thanks for the replies.

May we ask could it be possible to fix this issue at all? I'm not sure why OpenAL32.dll would be flagged packed if that's the case? Could we somehow update the dll? I'm not sure?

Thanks again for your time and hope to speak soon.
0

Avoozl

#9

Is it still possible to get the last version of BloodGDX before it was merged with BuildGDX? The version I still have is v0.799.

This post has been edited by Avoozl: 17 May 2019 - 04:10 AM

0

m210®

#10

No, I don't see a reason to compile BloodGdx without the launcher.
0

Avoozl

#11

I'm not asking you to compile a new version, I'm talking about the previous versions you made, I would've thought that you have kept the other versions for history purposes.

This post has been edited by Avoozl: 17 May 2019 - 08:31 AM

0

Avoozl

#12

Because I can't edit my previous post what I mean is I don't want you to recompile without its launcher, I mean I wanted one of the versions that you released after v0.799 but before you renamed it to BuildGDX and made it compatible with the other Build games. My copy of 0.799 always tells me new version v0.952 is available but it doesn't mention if it's BloodGDX or BuildGDX, so I assumed it was the last version of BloodGDX before it was turned into BuildGDX. I tried BuildGDX but it had some issues which made me want to avoid it such as midi music failing to initialize.

If you don't have the previous versions saved and uploaded anymore then that's fine, I'll just forget about it.

This post has been edited by Avoozl: 17 May 2019 - 06:48 PM

0

m210®

#13

BloodGdx v0799 was the latest independent version, the next release was v0950 as BuildGdx. BuildGdx has a different config format, therefore your midi device (-1) didn't initialize. You need to set it up again, or delete your old cfg file, then BuildGdx will create a new one with midi device 1 (Gervill).
0

JOHN007

#14

Would be great if you could upload the BloodGDX version, as that version wasn't flagged on Virustotal.

Still, we checked the new update for BuildGDX and it's still flagged, what a shame.

We downloaded a load of mods, even with custom exes, and they don't get flagged whatsoever, can you please fix this.

This post has been edited by JOHN007: 20 May 2019 - 05:47 AM

0
