Where did you get your malware scanner from? There are dozens of fake ones out there that randomly mark stuff as 'infected' and ask you to buy their software to clean it.
Looking at the site it seems to be somewhat legit at first glance. Given that others are scanning it with no results you probably got a false positive.
LOVE Backdoor?
Re: LOVE Backdoor?
Malwarebytes is great. I do computer repair work and I use it all the time to remove the kind of programs you're talking about.Ensayia wrote:Where did you get your malware scanner from? There are dozens of fake ones out there that randomly mark stuff as 'infected' and ask you to buy their software to clean it.
Looking at the site it seems to be somewhat legit at first glance. Given that others are scanning it with no results you probably got a false positive.
Re: LOVE Backdoor?
It was a backdoor.bitrose in love.exe. It was the only thing Malwarebytes could find, even after a full system scan. Norton hasn't found anything. I'm going to try reinstalling LOVE. I dunno why something would only infect it and nothing else. I found the malware the day after I installed LOVE.
Re: LOVE Backdoor?
Your copy of love.exe could be infected. Or the in-memory process of running love.exe could be infected. You could check the md5 sum of your love.exe file to compare it with the original (BTW, it would help if such md5 sums were published on the download page!). Here is what I get:Dragon wrote:There was a backdoor in love.exe when I installed love today.
Please explain this.
Code: Select all
$ md5sum love-0.7.2-win-x86.exe
20dd6d33bffc0c2aab1906657fbfeab9 love-0.7.2-win-x86.exe
My lovely code lives at GitHub: http://github.com/miko/Love2d-samples
- bartbes
- Sex machine
- Posts: 4946
- Joined: Fri Aug 29, 2008 10:35 am
- Location: The Netherlands
- Contact:
Re: LOVE Backdoor?
Actually, I heard this very claim once before, afaik it had the same backdoor.bitrose, and the md5sum was identical. At the time I concluded we probably match some badly written rule.
Re: LOVE Backdoor?
I'm not sure what version of malware bytes you're using but Virus Total uses the most updated versions of 42 different virus scanners, most notably NOD32, and it didn't find anything. Every so often I scan a file with VT and see some of the lower-end scanners picking something up but if NOD32 says it's clean, I'm fine. In my opinion NOD32 is easily the best scanner available.Dragon wrote:It was a backdoor.bitrose in love.exe. It was the only thing Malwarebytes could find, even after a full system scan. Norton hasn't found anything. I'm going to try reinstalling LOVE. I dunno why something would only infect it and nothing else. I found the malware the day after I installed LOVE.
@rynesaur
- Taehl
- Dreaming in associative arrays
- Posts: 1025
- Joined: Mon Jan 11, 2010 5:07 am
- Location: CA, USA
- Contact:
Re: LOVE Backdoor?
NOD32 and Sophos (which VT also uses, I think) are both amazing, and personally, I'd trust anything they both said was clean.
Earliest Love2D supporter who can't Love anymore. Let me disable pixel shaders if I don't use them, dammit!
Lenovo Thinkpad X60 Tablet, built like a tank. But not fancy enough for Love2D 0.10.0+.
Lenovo Thinkpad X60 Tablet, built like a tank. But not fancy enough for Love2D 0.10.0+.
Re: LOVE Backdoor?
Using WinMD5free, I get the MD5 of f3a36ca8d2acfca8def3874c88dfeb35.
I'm going to contact malwarebytes about this.
I'm going to contact malwarebytes about this.
Re: LOVE Backdoor?
Three things:Dragon wrote:Using WinMD5free, I get the MD5 of f3a36ca8d2acfca8def3874c88dfeb35.
I'm going to contact malwarebytes about this.
1. I was md5summing love-0.7.2-win-x86.exe file, which is an installer, and is different from the installed love.exe file. I hope you have compared the correct one. You could compare sums of installed love.exe file, if you have access to another computer, and are sure that this computer is not infected with a virus.
2. Always compare md5sum with another known file, i.e. the one you have just downloaded and md5summed on another computer. Trust no one else, even me Except when the md5sums are published on the download site, then you can treat it as official.
3. If the files you compare differ (and so their md5sums differ), that means something is wrong. It could be a virus, or a bad disk sector causing read error, short/damaged file because of installation/transmission problem, or an older version of the file. The antivirus company will not tell you what is wrong, they can only try to find some known signs of a virus (and they do sometimes get it wrong).
My lovely code lives at GitHub: http://github.com/miko/Love2d-samples
Who is online
Users browsing this forum: No registered users and 7 guests