v1.6 Virus total
#1
I was excited to see version 1.6 was launched the other day! I like to check any exes with my local AV and VirusTotal when I can't find a checksum. My local AV found nothing, but VirusTotal had 5 hits off of the new release.

SecureAge APEX: Malicious
Bkav: HW32.Packed.
McAfee-GW-Edition: BehavesLike.Win32.BadFile.vc
Panda: Trj/Genetic.gen
VBA32: Suspected Of Trojan.Downloader.gen.s
Yomi Hunter: MALWARE



I totally acknowledge antivirus is a very tricky thing, and there is a 99.9% chance this is a false positive. I have used PCSX2 for years and greatly trust the product and team. However, 5 hits on VirusTotal does seem slightly unusual to me. Does anyone have any further info on this, or is it likely due to the recent nature of the 1.6 release?

Below is the VirusTotal scan, and I am waiting on Yomi Hunter to finish its analysis. Any suggestions or words of wisdom from the veterans or AV-savvy folks out there are greatly appreciated!

VirusTotal scan: https://www.virustotal.com/gui/file/fbe07d1afd27ab353daa2afacc2de87d8f5ec69f64bbd9246f31ebfe1731de9b/detection
Reply
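Added example, not part of the original post or of PCSX2: a small triage helper that parses the verdict list quoted in the post above and separates labels carrying a generic, heuristic or packer marker from labels that name something more specific. The marker list in `GENERIC_TOKENS` is an assumption made for this example, not a vendor-published taxonomy, and all function names are hypothetical.

```python
import re

# Verdict lines copied from the first post ("Engine: label").
REPORT = """\
SecureAge APEX: Malicious
Bkav: HW32.Packed.
McAfee-GW-Edition: BehavesLike.Win32.BadFile.vc
Panda: Trj/Genetic.gen
VBA32: Suspected Of Trojan.Downloader.gen.s
Yomi Hunter: MALWARE
"""

# Assumption: tokens that usually mark a heuristic, ML or packer-based verdict
# rather than a signature written for one named malware family.
GENERIC_TOKENS = {"malicious", "malware", "suspicious", "suspected", "behaveslike",
                  "packed", "generic", "genetic", "gen", "heur", "heuristic"}


def parse_report(text):
    """Return [(engine, label)] from 'Engine: label' lines, skipping blank ones."""
    rows = []
    for line in text.splitlines():
        engine, sep, label = line.partition(":")
        if sep and label.strip():
            rows.append((engine.strip(), label.strip()))
    return rows


def is_generic(label):
    """True when any token of the label (split on . / space etc.) is a generic marker."""
    tokens = [t for t in re.split(r"[.\s/:!-]+", label.lower()) if t]
    return any(t in GENERIC_TOKENS for t in tokens)


def triage(text):
    """Split detections into (generic, specific) lists of (engine, label)."""
    generic, specific = [], []
    for engine, label in parse_report(text):
        (generic if is_generic(label) else specific).append((engine, label))
    return generic, specific


if __name__ == "__main__":
    generic, specific = triage(REPORT)
    print(f"{len(generic)} generic/heuristic labels, {len(specific)} specific labels")
    for engine, label in specific:
        print(f"look closer: {engine}: {label}")
```

A label that lands in the specific list is the one worth following up with the vendor or a second analysis; a generic label only says which trait the engine reacted to.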


#2
They're false positives, it's pretty much out of control. The only way to get rid of them is to submit the files to the AV providers themselves for analyzing.
CPU: I3-4160 3.6GHZ
Motherboard: Asrock B85M - DGS
RAM: Hyper X Savage 2x8GB 1.6GHZ cl9
GPU: Asus AMD Radeon R7 360 OC 2GB GDDR5
OS: Windows 10 Pro 64bit
Reply
#3
Odds are that it's the recompilers it picks up on. Writing assembly to memory and then executing it *is* suspicious behavior... and also the definition of how JIT works.

--arcum42
Reply
#4
Also worth noting we have been battling various antivirus false positives ever since the later stages of the 1.5.0 development series. More or less around the same time that Dolphin started having builds of theirs flagged, shortly after we started noticing PCSX2 getting hit too. Part of this was due to Microsoft changing some things with Defender and AI based detection, but I think there's also just some rather inconvenient timing here. We'd love to get those cleared, but of course, that means getting it submitted, and hoping they actually would review it.
Problems? Check out the development builds for the latest updates.

Mobo: ASUS Prime Z370-A
CPU: Intel i7-8700K (3.7 GHz)
RAM: G.Skill TridentZ, 2x8 GB DDR4 (3000 MHz)
GPU: EVGA GeForce GTX 1070 Ti FTW2 (8 GB)
OS: Windows 10 Pro (64 bit)

Oh yeah Red Pandas are cool too.


Reply
#5
Quote: Odds are that it's the recompilers it picks up on. Writing assembly to memory and then executing it *is* suspicious behavior... and also the definition of how JIT works.


Last ones I remember being detected were spu2-x and gsdx (sse2 to be precise).
CPU: I3-4160 3.6GHZ
Motherboard: Asrock B85M - DGS
RAM: Hyper X Savage 2x8GB 1.6GHZ cl9
GPU: Asus AMD Radeon R7 360 OC 2GB GDDR5
OS: Windows 10 Pro 64bit
Reply
#6
Awesome! Thank you so much everyone for your time and responses. I really appreciate the explanation and feel way more secure about the incorrectly flagged potential risks above. Security has always been an intimidating field for me, where a detected risk seems like a bottomless hole you can't comprehend without going line by line through source code, but people like all y'all make it that much easier to comprehend and enjoy wonderful projects/products like this, conscience-free.
Reply



