Spyware/Adware in Natural Selection 2?
CupOfSquirrels
Join Date: 2010-05-31 Member: 71910Members
Join Date: 2010-05-31 Member: 71910Members
Hi guys, I have the NS2 special pre-order on my Steam account, and today got the following message from my anti-virus, F-Secure:
<!--quoteo--><div class='quotetop'>QUOTE </div><div class='quotemain'><!--quotec-->Spyware deteced:
Type: adware
Family:
Name: AdWare.Win32.AdMedia
Object: C:\Program Files\Steam\steamapps\common\natural selection 2\Builder.exe<!--QuoteEnd--></div><!--QuoteEEnd-->
It says the same about the Cinematic Editor.exe and LaunchPad.exe.
This may just be my anti-virus being paranoid, or the .exes became somehow infected by external malware, but I just thought I'd let you guys and the Unknown Worlds team know about it. Has anyone else encountered this?
<!--quoteo--><div class='quotetop'>QUOTE </div><div class='quotemain'><!--quotec-->Spyware deteced:
Type: adware
Family:
Name: AdWare.Win32.AdMedia
Object: C:\Program Files\Steam\steamapps\common\natural selection 2\Builder.exe<!--QuoteEnd--></div><!--QuoteEEnd-->
It says the same about the Cinematic Editor.exe and LaunchPad.exe.
This may just be my anti-virus being paranoid, or the .exes became somehow infected by external malware, but I just thought I'd let you guys and the Unknown Worlds team know about it. Has anyone else encountered this?
Comments
Not that I think there are any problems, but for spyware, I think you should stick with SpyBot/Adaware (conflicting) and Malwarebytes' Anti-malware. AVG and McAffee are historically for Viruses, whether the have newer features for covering spyware or not.
For a second I thought guys at UWE have a super duper ninja spyware that is checking if we're still playing NS1 ... o_0
No need for that. The microchip in your brain works much better for that cause.
Well, checking for spyware doesn't really make sense since we wrote the code! If our build machine had a virus, then the exe could be infected and modified before we released it, which is why we run virus checkers.
What is more problematic to justify would however be if they spied on external data.
I could see some sort of cheating-prevention system using this kind of behavior in theory, but that's certainly not what's going on here.
I think that is what WoW's warden thing does.
Yeah, it reads process names and compares them to known "bad" programs. It doesn't set off any virus/adware detection alerts as far as I know, though.
6/9/2010 1:47:29 AM Detected: not-a-virus:AdWare.Win32.AdMedia.ko E:\Games\Steam\SteamApps\common\natural selection 2\Cinematic Editor.exe
6/9/2010 1:47:34 AM Detected: not-a-virus:AdWare.Win32.AdMedia.kn E:\Games\Steam\SteamApps\common\natural selection 2\LaunchPad.exe
6/9/2010 1:47:36 AM Detected: not-a-virus:AdWare.Win32.AdMedia.kp E:\Games\Steam\SteamApps\common\natural selection 2\Viewer.exe
Yeah, somehow it managed to hit false positives in all 4 for Kaspersky. :/
6/9/2010 1:47:29 AM Detected: not-a-virus:AdWare.Win32.AdMedia.ko E:\Games\Steam\SteamApps\common\natural selection 2\Cinematic Editor.exe
6/9/2010 1:47:34 AM Detected: not-a-virus:AdWare.Win32.AdMedia.kn E:\Games\Steam\SteamApps\common\natural selection 2\LaunchPad.exe
6/9/2010 1:47:36 AM Detected: not-a-virus:AdWare.Win32.AdMedia.kp E:\Games\Steam\SteamApps\common\natural selection 2\Viewer.exe
Yeah, somehow it managed to hit false positives in all 4 for Kaspersky. :/<!--QuoteEnd--></div><!--QuoteEEnd-->
I'm getting those 4 with Zone Alarm as I posted <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=109848&st=0&gopid=1775022" target="_blank">Here</a>.
If you are even concerned about a FP, just send the file to VirusTotal.com and get better confirmation.
<a href="http://www.virustotal.com/file-scan/report.html?id=519b30fbbb846396205f77598929eafeea263bb182d7f16e9d56ca82d4d808df-1282737206" target="_blank">http://www.virustotal.com/file-scan/report...08df-1282737206</a>
Also, Max... AVG and McAfee? For shame...
I do a lot of virus/anti-virus research, and those two tend to disappoint. Especially when McAfee released that deffinition update that brought 10s of thousands of PCs to their knees by detecting a critical Windows system file and deleting it. haha
However, they are far better than nothing and using the two in conjuncture helps confirm FPs.
NOD32, Kaspersky, and avast! are at the top of my recommendations.
<!--quoteo(post=1796220:date=Aug 25 2010, 07:17 AM:name=gone09)--><div class='quotetop'>QUOTE (gone09 @ Aug 25 2010, 07:17 AM) <a href="index.php?act=findpost&pid=1796220"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->Hello.I have scanned with Kasperky antivirus but i did not find any viruses.I am sure that my antivirus is a good one because I updated it from top ten best antiviruses <a href="http://www.best-antivirus.co/" target="_blank">http://www.best-antivirus.co/</a>
good luck<!--QuoteEnd--></div><!--QuoteEEnd-->
Never trust "Top Ten" sites like that.
I'd go somewhere like <a href="http://www.av-comparatives.org/index.php" target="_blank">AV Comparatives</a> or <a href="http://www.virusbtn.com/index" target="_blank">Virus Bulletin</a>.
Max, I'd recommend MSE, Avast, or Avira over AVG for your free anti virus. They all have better detection rates, and generally are much more light on system resources. Just a friendly heads up!
They may be using the pay-for version of AVG. Either way, it's fairly lame. Although, it's better than McAfee.
MSE is great for mom-and-pop home users, but I wouldn't recommend it for power-users, you can't tweak it at all.
Yeah, bet we're bored and need something to talk about.
Thread lock or move in 3..2...1....
Dont ask and i dont say xD
i just scanned all 4 of them and there was nothing.