Jump to content

Aemony

Administrator
 View Profile  See their activity

  • Content Count

    331

  • Joined

  • Last visited

  • Days Won

    60

 Content Type 

File Comments posted by Aemony

    Posted

    11 hours ago, cwgzz said:

    I wouldn't download this since it contains a Program:Win32/Wacapew.B!ml virus. I don't even know if Rose is legit or not. 

    Hi, modern day anti-malware suites work more and more on machine learning, which means it uses a dumb algorithm to determine whether a file is malicious or not based on how much similarity it has to actual malware. As far as I can tell this is what the "!ml" at the end means -- it's a match based on a machine learned algorithm that was trained on malicious and non-malicious files (but apparently without any modding related files in the data set it was trained on...).

    As a result, and as mentioned in the file description, basically any file that uses CheatEngine components to manipulate the memory of another process tend to get flagged as malicious by the machine learning algorithm since, well... I imagine it is because it changes the memory of another process... Which is exactly what it was designed to do and what players want it to do...

    Rose has a long history of creating and uploading CheatEngine based mods to PCGamingWiki, so they are as "legit" as one can be in today's environment where false positives of gaming related mods/patches are a dime a dozen, though ultimately it's up to you whether you want to run the tool or not. 

    XInput Plus v4.15.2.90

    in Tools

    3,822    4

    Posted

    Thanks -- I've approved this one and made various changes to get the two versions more in line with one another.

     

    Depending on what other staff members think, we might end up merging the two files into one, since the community site supports multiple versions for each file.

    Posted

    Hi,

     

    PCGW is generally against bypassing DRM and such, see the wiki policy.

    I noticed that the developers were still semi-active on the Steam forums for another one of their titles, and this game is still being sold on Steam. Have you tried reaching out to them on admin@dreamssoftgames.com about the issue? I imagine they might be able to fix the issue properly on their end or, possibly, upload a copy without this issue.

     

    Cheers!

    Posted

    @asabarabi, sadly it seems the forum software can't handle the name of the file you uploaded. Can you remove any special characters etc and ensure the file name is only named using regular Latin characters such as A-z, 0-9, and dots/underscores/dashes, etc ? Then re-upload the file again by using "File Actions ->  Upload a new version".

    image.png

    Posted

    21 hours ago, linkolead said:

    Windows 10 is recognizing the file as a  virus and not allowing it to run at all.

    "operation did not complete successfully because the file contain a virus or potentially unwanted software"

    Probably a false positive, though you've to decide yourself whether to 'trust' the file or not. PCGW in general does not guarantee  the safety of files, and due to the numbers of false positives occurring in gaming related files -- particularly those created using e.g. Cheat Engine -- we usually don't remove uploaded files either due to "virus detections".

    See the "Virus detected in PCGamingWiki file" section for a bit of context.

    Posted

    39 minutes ago, cbk@csolutions.no said:

    This is A virus, Trojan. Do not use!

    Reports as Trojan:Win32/Glupteba!ml

    Astroneer FOV - Steam.exe

    https://blog.malwarebytes.com/detections/trojan-glupteba/

     

    The last part of the recognized virus definition “!ml” suggests the definition was created through machine learning. Basically there is an extremely high chance of it being a false positive.

    @Rose is otherwise a well-known and recognized ultrawidescreen modder whose patches occasionally runs into AV’s false positives.

    @cbk@csolutions.no, at the end of the day you yourself have to determine if you put your trust in a stranger online, but for what it’s worth, I personally highly suspect this is a false positive. Of course I can’t say for certain, but then nobody really can unless they created the executable themselves.

    Posted

    6 hours ago, patrxgt said:

    Launcher has been cut from the official edition of the game purchased in Poland, which was published here by Cenega, so it cannot contain viruses.

    Of course I can publish the password version, but what is this for? It will only make the process of installing the Polish language more difficult.

    It isn't about whether the file is actually malicious or not -- it's intended to protect PCGamingWiki from automatic flagging by third-party internet safety scanners like for example Google's Safe Browsing filter.

    You can read more about it in the files section of the editing guide: https://www.pcgamingwiki.com/wiki/PCGamingWiki:Editing_guide/Files#Password_protection_policy

    Posted

    Hi,

    Can you upload a password protected version of the archive? The launcher packaged in this archive triggers AVs.

    Click on File Actions -> Upload a new version at the bottom of the "About This File" section to upload a new version of the file.

    Cheers!

    Posted

    Hi!

    Am I correct in assuming this acts as a crack and effectively disables Steam API related features as well as the ownership check of the Steam copy?

    PCGW attempts to distance itself from cracks, so the use of steam_api64.dll as the DLL injection point makes it currently questionable whether we should approve the upload or not.

    If possible, then I highly recommend using some other DLL as the injection point such as D3D12.dll or DXGI.dll.

×
×
  • Create New...