Author Topic: C# Aurora v1.12.0 Patch  (Read 45405 times)

0 Members and 1 Guest are viewing this topic.

Offline Garfunkel

  • Registered
  • Admiral of the Fleet
  • ***********
  • Posts: 2781
  • Thanked: 1048 times
Re: C# Aurora v1.12.0 Patch
« Reply #30 on: October 22, 2020, 03:26:07 PM »
Must be since I didn't get anything and nobody else has mentioned it.
 

Offline QuakeIV

  • Registered
  • Commodore
  • **********
  • Posts: 759
  • Thanked: 168 times
Re: C# Aurora v1.12.0 Patch
« Reply #31 on: October 22, 2020, 10:08:52 PM »
Webroot doesn't indicate any problem
 

Offline bankshot

  • Lieutenant
  • *******
  • b
  • Posts: 191
  • Thanked: 48 times
Re: C# Aurora v1.12.0 Patch
« Reply #32 on: October 23, 2020, 12:34:33 PM »
Symantec complained but I believe this was a reputation issue - the file was too new to be considered trustworthy when I downloaded it.  Virustotal only shows one AV engine (Cyren) that gave a positive. 

https://www.virustotal.com/gui/file/da25edb9a0a092ceef5b4a14b3edb23b5e1a33ae2b6e4e741c8eb0f0312d171f/detection
 

Offline Nerfrunner

  • Able Ordinary Rate
  • N
  • Posts: 1
Re: C# Aurora v1.12.0 Patch
« Reply #33 on: November 01, 2020, 06:05:10 PM »
First time swinging back in almost a year and there is a fresh new version.  Thanks for all the hard work!
 

Offline ChubbyPitbull

  • Gold Supporter
  • Sub-Lieutenant
  • *****
  • C
  • Posts: 138
  • Thanked: 27 times
  • Gold Supporter Gold Supporter : Support the forums with a Gold subscription
    2021 Supporter 2021 Supporter : Donate for 2021
    2022 Supporter 2022 Supporter : Donate for 2022
    2023 Supporter 2023 Supporter : Donate for 2023
Re: C# Aurora v1.12.0 Patch
« Reply #34 on: November 18, 2020, 10:58:05 AM »
I have an issue, when I try to download it with Chrome, and only Windows Defender active (W10), I got a warning there is a virus in the .RAR.

I don't want to freak anyone, but can it be only a false positive?

I'm getting this same issue as well with Chrome + Windows Defender, will try other browsers.

EDIT: Same issue using Edge. Here is the report from Windows Defender:


« Last Edit: November 18, 2020, 11:02:02 AM by ChubbyPitbull »
 

Offline ChubbyPitbull

  • Gold Supporter
  • Sub-Lieutenant
  • *****
  • C
  • Posts: 138
  • Thanked: 27 times
  • Gold Supporter Gold Supporter : Support the forums with a Gold subscription
    2021 Supporter 2021 Supporter : Donate for 2021
    2022 Supporter 2022 Supporter : Donate for 2022
    2023 Supporter 2023 Supporter : Donate for 2023
Re: C# Aurora v1.12.0 Patch
« Reply #35 on: November 19, 2020, 12:10:37 PM »
I guess today Windows Defender was happy? Downloaded with no alerts!
 

Offline Migi

  • Captain
  • **********
  • Posts: 465
  • Thanked: 172 times
Re: C# Aurora v1.12.0 Patch
« Reply #36 on: November 20, 2020, 02:36:43 PM »
Maybe Steve could post the SHA hash of the original file so that people can reassure themselves that the file they download is correct?
 

Offline mostly_harmless

  • Petty Officer
  • **
  • Posts: 19
  • Thanked: 3 times
Re: C# Aurora v1.12.0 Patch
« Reply #37 on: December 04, 2020, 07:56:03 AM »
Wanted to do a clean re-install and got a Win Defender warning as well.
"Severe"
"Trojan:Win32/CryptInject!ml"

I guess I will wait til 1.13

Thomas
 

Offline Garfunkel

  • Registered
  • Admiral of the Fleet
  • ***********
  • Posts: 2781
  • Thanked: 1048 times
Re: C# Aurora v1.12.0 Patch
« Reply #38 on: December 11, 2020, 07:42:40 AM »
It's a false positive.

I just re-downloaded in the case that someone would have, somehow, managed to swap the original file with an infected one but nope, it is the safe & original file.

Modern anti-virus scanners use heuristic analysis to stay on top of virus development. https://en.wikipedia.org/wiki/Heuristic_analysis
The downside of it is that you get a lot of false positives, in essence, false alarms.

The scanner isn't saying that it found CryptInject!ml virus on the patch, it's claiming that it detected some code similarities. If there were viruses, lot more people would be complaining and reporting them.
 
The following users thanked this post: mostly_harmless

Offline Erik L

  • Administrator
  • Admiral of the Fleet
  • *****
  • Posts: 5654
  • Thanked: 366 times
  • Forum Admin
  • Discord Username: icehawke
  • 2020 Supporter 2020 Supporter : Donate for 2020
    2022 Supporter 2022 Supporter : Donate for 2022
    Gold Supporter Gold Supporter : Support the forums with a Gold subscription
    2021 Supporter 2021 Supporter : Donate for 2021
Re: C# Aurora v1.12.0 Patch
« Reply #39 on: December 11, 2020, 09:14:36 AM »
I am willing to bet the false positives stem from the obfuscation. That being said, I am NOT asking Steve to remove it :)

Offline Droll

  • Vice Admiral
  • **********
  • D
  • Posts: 1703
  • Thanked: 599 times
Re: C# Aurora v1.12.0 Patch
« Reply #40 on: December 11, 2020, 11:32:50 AM »
I am willing to bet the false positives stem from the obfuscation. That being said, I am NOT asking Steve to remove it :)

Yeah I imagine obfuscation is something a malware developer might use in order to delay the reverse-engineering and counter to their baby, with AV jumping on that common ground.

I guess what Steve could do is somehow get windows certification or something like standard issue video games have but I have absolutely no clue what that entails.
 

Offline Migi

  • Captain
  • **********
  • Posts: 465
  • Thanked: 172 times
Re: C# Aurora v1.12.0 Patch
« Reply #41 on: December 12, 2020, 10:18:11 AM »
I think it's more likely that the obfuscation process makes some part of the Aurora code look like part of the malware by chance rather than the antivirus thinking that obfuscation is a sign of a virus.
Again I think posting the SHA hash would be perfectly suitable for reassuring people that the program they download is the same as what Steve posted.
You can use 7zip to get the hash, although I'm sure there are lots of other dedicated programs.
Although it would be better if the website and forum traffic was encrypted as well.
 

Offline Ayeshteni

  • Petty Officer
  • **
  • A
  • Posts: 23
  • Thanked: 2 times
Re: C# Aurora v1.12.0 Patch
« Reply #42 on: December 13, 2020, 08:10:48 PM »
Yeah, I'm getting the same with Opera and Windows Defender. If it's a false positive, how do I allow it to continue to download?

Aye.
 

Offline RougeNPS

  • Lt. Commander
  • ********
  • R
  • Posts: 217
  • Thanked: 38 times
Re: C# Aurora v1.12.0 Patch
« Reply #43 on: December 13, 2020, 11:39:14 PM »
Sadly i dont have the liberty of just turning off Windef. But try turning it off.
 

Offline Garfunkel

  • Registered
  • Admiral of the Fleet
  • ***********
  • Posts: 2781
  • Thanked: 1048 times
Re: C# Aurora v1.12.0 Patch
« Reply #44 on: December 14, 2020, 12:14:28 PM »
Depending on your version of Windows and your AV program, you might need to make an exception or you need to check "Quarantine" section for the Aurora.exe and manually allow it to be installed/run.