Rocksolid Light

Welcome to RetroBBS

mail  files  register  newsreader  groups  login

Message-ID:  

"In short, _N is Richardian if, and only if, _N is not Richardian."

computers / comp.sys.ibm.pc.games.action / Re: Dreamcather's Project Earth - Malware?

SubjectAuthor
* Dreamcather's Project Earth - Malware?David Trevi
`- Re: Dreamcather's Project Earth - Malware?Spalls Hurgenson

1
Dreamcather's Project Earth - Malware?

<fcaf6706-e6ea-4aa4-aa93-befc5261757bn@googlegroups.com>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=111416774&group=comp.sys.ibm.pc.games.action#111416774

  copy link   Newsgroups: comp.sys.ibm.pc.games.action
X-Received: by 2002:a05:620a:20cc:b0:781:995a:c3f6 with SMTP id f12-20020a05620a20cc00b00781995ac3f6mr67695qka.7.1704136172970;
Mon, 01 Jan 2024 11:09:32 -0800 (PST)
X-Received: by 2002:a25:664d:0:b0:db4:6936:48b7 with SMTP id
z13-20020a25664d000000b00db4693648b7mr6090068ybm.2.1704136172694; Mon, 01 Jan
2024 11:09:32 -0800 (PST)
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.sys.ibm.pc.games.action
Date: Mon, 1 Jan 2024 11:09:32 -0800 (PST)
Injection-Info: google-groups.googlegroups.com; posting-host=2601:2c0:4480:1800:8180:a857:765:c062;
posting-account=-X3BfAoAAAAgsglGMFM1xJpAH-EZksw8
NNTP-Posting-Host: 2601:2c0:4480:1800:8180:a857:765:c062
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <fcaf6706-e6ea-4aa4-aa93-befc5261757bn@googlegroups.com>
Subject: Dreamcather's Project Earth - Malware?
From: david.trevi.music@gmail.com (David Trevi)
Injection-Date: Mon, 01 Jan 2024 19:09:32 +0000
Content-Type: text/plain; charset="UTF-8"
X-Received-Bytes: 1405
 by: David Trevi - Mon, 1 Jan 2024 19:09 UTC

Why is the Project Earth creating Malware, "Win32.Localinfect.2?"

I found a CD Rom that I had loaded up previously on Windows 7 and wanted to play again on windows 10. Clean software, never exhibited a malware response, but now it's showing and my game won't play as my antivirus is nixing it.

Any suggestions beside a possible false positive?

Re: Dreamcather's Project Earth - Malware?

<a246pi9v6on5mrsh556j0vn3t8ruumncqr@4ax.com>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=111416775&group=comp.sys.ibm.pc.games.action#111416775

  copy link   Newsgroups: comp.sys.ibm.pc.games.action
Path: i2pn2.org!i2pn.org!newsfeed.endofthelinebbs.com!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!feeder.usenetexpress.com!tr1.iad1.usenetexpress.com!69.80.99.26.MISMATCH!Xl.tags.giganews.com!local-2.nntp.ord.giganews.com!news.giganews.com.POSTED!not-for-mail
NNTP-Posting-Date: Mon, 01 Jan 2024 19:31:41 +0000
From: spallshurgenson@gmail.com (Spalls Hurgenson)
Newsgroups: comp.sys.ibm.pc.games.action
Subject: Re: Dreamcather's Project Earth - Malware?
Date: Mon, 01 Jan 2024 14:31:41 -0500
Message-ID: <a246pi9v6on5mrsh556j0vn3t8ruumncqr@4ax.com>
References: <fcaf6706-e6ea-4aa4-aa93-befc5261757bn@googlegroups.com>
X-Newsreader: Forte Agent 2.0/32.652
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Lines: 40
X-Usenet-Provider: http://www.giganews.com
X-Trace: sv3-Ru6RM8AZW5eMZK+0wrrK0JuQBpmY/fPxJAM+JE83I0DL1CHw5ua94T59VYDsYLP6E8QFZmHpJcBACj8!X9bNk+law4uaCwvlL2w39PEvbpYUWE2yGwiZ7VL/G0T+FPBVuHwv7NmmOckFiIt5oi3NqLE=
X-Complaints-To: abuse@giganews.com
X-DMCA-Notifications: http://www.giganews.com/info/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
 by: Spalls Hurgenson - Mon, 1 Jan 2024 19:31 UTC

On Mon, 1 Jan 2024 11:09:32 -0800 (PST), David Trevi
<david.trevi.music@gmail.com> wrote:

>Why is the Project Earth creating Malware, "Win32.Localinfect.2?"
>
>I found a CD Rom that I had loaded up previously on Windows 7 and wanted to play again on windows 10. Clean software, never exhibited a malware response, but now it's showing and my game won't play as my antivirus is nixing it.
>
>Any suggestions beside a possible false positive?

I'm not familiar with "Project Earth" but I think it's unlikely to be
a legitimate positive. While it is not impossible for pressed, retail
CD-ROMs to ship with viruses (especially games released by smaller
publishers), it was a fairly rare occurence.

False positives are more common. One way to minimize them is to check
against other antivirus tools, something that's much easier these days
than it was 'back in the day' thanks to tools like VirusTotal. Just
upload the 'infected' file (the one that triggered your antivirus
program) to https://www.virustotal.com/gui/home/upload and see what it
says. If you get multiple hits, distrust the game. On the other hand,
if it's only your AV that is nagging you, I'd consider the game safe.

The issue has to do both with changes to antivirus and programming
techniques used by game developers. Unlike in the past, when most
antivirus programs triggered off of 'signatures', modern AV uses
heuristics to look for patterns of behavior that are often used by
malware. Older games - and "Project Earth", from 2002, certainly
qualifies - often used various hacks and tricks to better their
performance. These hacks sometimes resembles the same behavior used by
modern malware, and that can confuse modern AV. This is especially
noticable in games released before Windows Vista (released 2006),
after which Microsoft really cracked down on 'illegal' programming
techniques to better Windows' security and stability.

Of course, if you're downloading the game illicitly, all bets are off.
Delete the files, trash the CD, and burn your PC. It's the only way to
be sure. ;-)

computers / comp.sys.ibm.pc.games.action / Re: Dreamcather's Project Earth - Malware?

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor