• Welcome to SC4 Devotion Forum Archives.

Anti-virus detects SC4Mapper as virus and removed

Started by WolfGuy100, August 12, 2013, 06:50:04 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

WolfGuy100

This happened to me a while ago. I was just browsing on my laptop as usual until my anti-virus alerted me that SC4Mapper have a trojan virus. I were confused because my AV didn't pick anything up until that day, even I had SC4 Mapper installed. So, I proceed to have it removed and still not sure if I should re-download it or not because I'm worried I could get it again. Anyone know what happened? Thank you

Indiana Joe

SC4 stuff is known to sometimes give false alarms.  On the small chance that it wasn't a false alarm, something could have gotten into SC4Mapper from another source.  The download from the LEX should be perfectly safe as it's a regulated exchange.

WolfGuy100

Funny thing is that I got it from here, on LEX site. It was just fine until recently, it said it's a trojan and got it removed.

qtwqwd

My anti-virus also reported a Virus called BACKDOOR

mgb204

Search Google for the phrase "False Positive".

I'd bet money the file has no such virus. I suspect Backdoor refers to a known security risk, perhaps with an outdated installer file?

The things is, these situations require a judgement call on your behalf. Does the computer know better than you? Or can you ascertain the file is safe and that the AV software may be wrong? *hint* If something's been downloaded by thousands of people without complaint, it's probably fine ;).

bombardiere

My anti-virus program at one time flagged the Sim City 4 exe as a virus. :D and no matter how many times I marked it as safe, the anti-virus kept popping up and claiming that I had a nasty bug running in my computer.  ::) Well, may be it is, considering how many hours I have spent with the game. :D

InvisiChem

I wasn't paying attention to it and had to get my AV to bring SC4 out of quarantine. It flagged it. AV is not perfect. The idea is it is better to have a few false positives than a false negative. A false negative would allow a virus to run rampant and fill your hard drive, corrupt your boot sector, etc. So, to protect against that, it sometimes falsely claims programs unknown to it are a type of virus and prompts you for verification.
Everyone has something to offer, most do not possess the courage to offer it.

mgb204

Quote from: InvisiChem on March 31, 2016, 07:05:54 AM
I wasn't paying attention to it and had to get my AV to bring SC4 out of quarantine. It flagged it. AV is not perfect. The idea is it is better to have a few false positives than a false negative. A false negative would allow a virus to run rampant and fill your hard drive, corrupt your boot sector, etc. So, to protect against that, it sometimes falsely claims programs unknown to it are a type of virus and prompts you for verification.

Well that's half of the story...

Making users feel protected by flagging up false positives is a well known practise. It helps market the product: "look we saved your computer, this AV thing is really worthwhile, eh! Best renew your subscription when it comes up." Meanwhile it can't stop a drive by download infecting you, because it's not doing proper heuristics.

It used to be you'd never get a flag unless the application had something dodgy inside it, or at least looked that way. These days, rather than actually bother to check, some software relies on a list of known safe files. Often, everything else is considered dangerous. Hence little-known specialist programs like this tend to get flagged up often.

InvisiChem

There is the second half lol. And very true. Most of the well known vendors use the known list technique. Off the top of my head, I can't think of a single one that does not.

Well said sir, and great knowledge as always. :)
Everyone has something to offer, most do not possess the courage to offer it.