Another Image
#1872 posted by Kinn on 2016/02/16 00:25:32
This image shows the culprit file when it detected it on my existing installed version:
http://i.imgur.com/ogwJcHr.png
See that it flags the file quakelibopusfile-0.dll
I'm assuming it's a false positive, but it's stopping me from playing it right now :(
Yeah
#1873 posted by anonymous user on 2016/02/16 00:29:11
delete your HDD, throw the screen out the window(just to be sure), and melt your HDDs with thermite(to be super sure). Thanks Sourceforge!
#1874 posted by Kinn on 2016/02/16 00:29:39
Note that Windows Defender has only just started doing this - the version I had on my PC has been there for a couple of weeks with no problems. Dunno why Defender is sharting over it now :/
I Know The Answer To This
#1875 posted by anonymous user on 2016/02/16 00:32:00
use tails.
Kinn
#1876 posted by ericw on 2016/02/16 01:32:01
Windows Defender isn't detecting anything for me. I just updated the definitions now and am running the latest windows 10.
Would you mind uploading that dll somewhere, or the whole .zip that is being flagged? I'd be curious to see if it has been tampered with or is binary identical to what it should be.
Opus...
#1877 posted by Spike on 2016/02/16 01:37:35
microsoft's virus scanner spuriously detecting false positives in software that uses technology that might be a competitor to their voip product? who'd have thought it!...
Adware Is As Bad As Cancer.
#1878 posted by mfx on 2016/02/16 01:57:17
Once they started this, they prepared their demise. In my view.
Ericw
#1879 posted by Kinn on 2016/02/16 09:22:33
Windows defender removes it so I don't have it to hand but the file that this link downloads has the "trojan" apparently:
https://sourceforge.net/projects/quakespasm/files/Windows/quakespasm-0.91.0_win64.zip/download
Re: Sourceforge
#1880 posted by Tamarisk on 2016/02/16 16:45:19
Hey Guys,
Not to sound like a smug a$$hole, but I did mention problems with Sourceforge a month ago here and was treated poorly by Baker.
You should just move the hosting to GitHub Pages.
We Don't Know It's Sourceforge
#1881 posted by Kinn on 2016/02/16 16:52:04
Right now my bet is it's a false positive. Weird no one else is getting this. Windows 8.1 using up-to-date Defender.
Re: Sourceforge
#1882 posted by Tamarisk on 2016/02/16 16:55:20
Well whether it's a false positive or not, Sourceforge has been caught red handed last year injecting malware into software they host. I wouldn't trust those guys anymore.
#1883 posted by JneeraZ on 2016/02/16 17:06:44
wtf?
@kinn
#1884 posted by Baker on 2016/02/16 17:26:18
Last year the Direct X version of Mark V was continually flagged as a trojan by Microsoft while 61 other file scanning services say it is not a trojan.
As a result, I now I distribute the Direct X version in a separate zip.
It's somewhere in the Mark V thread around post #732
#1885 posted by mh on 2016/02/16 17:40:31
What Tamarisk is referring to is this: http://www.howtogeek.com/218764/warning-don%E2%80%99t-download-software-from-sourceforge-if-you-can-help-it/
Summary:
Developers must opt in to a new "DevShare" feature.
If you opt in, your project gets embedded in SourceForge's custom installer.
That custom installer may bring crapware along for the ride.
Important thing is that if the developer doesn't opt in, none of this happens.
Personally I think that Tamarisk is scaremongering a bit.
O RLY?
#1886 posted by Tamarisk on 2016/02/16 18:11:03
Scaremongering eh? Did you even read that article mh.
While true that the DevShare is opt-in, SourceForge has been caught red handed doing other not so nice things. Repackaging "abandoned" projects for one.
Done And Done
#1887 posted by Tamarisk on 2016/02/16 18:13:06
Anyway, I'm done with this thread until it goes back to the real purpose, to discuss Quakespasm. You know this is just typical of the BS online nowadays. Try to post some useful information and get some nitwit shooting you down. Have a nice day folks.
Home Of The Critics
#1888 posted by Baker on 2016/02/16 18:22:15
Func_msgboard is home of critics. It's what makes this place high quality. Participants here are expected to be able to explain/prove what they say or defend their thought process.
If you want to say Sourceforge is messing with a .dll fine, but you better be prepared to back it up with evidence.
That's just high standards at work.
#1889 posted by Spirit on 2016/02/16 18:25:49
Sourceforge has new owners, clam down...
Antivirus is a fucking laugh.
#1890 posted by JneeraZ on 2016/02/16 19:46:29
"If you want to say Sourceforge is messing with a .dll fine, but you better be prepared to back it up with evidence."
^^ This.
I mean, seriously, dude .. YOU brought it up! Don't get pissy when someone asks you to prove it.
#1891 posted by ericw on 2016/02/16 20:09:12
Kinn, when I download using https://sourceforge.net/projects/quakespasm/files/Windows/quakespasm-0.91.0_win64.zip/download the file I get has this SHA1 sum: 080f764fd7ace0764906a4d524e9463c47731f3a
If you want, check the sha1 on the zip file you download to make sure it's the same.
Here's an alternate download with the dll's:
https://github.com/ericwa/Quakespasm/archive/0.91.0.zip
The libopus-0.dll file is in the subdirectory: quakespasm/Windows/codecs/x64/
Note that this dll should be binary-identical to the one in the quakespasm-0.91.0_win64.zip from SF (it is for me.)
My windows defender info is: http://imgur.com/7OBTNJb
The archive comes up clean with both Windows Defender and Trendmicro HouseCall.
Sorry you had to deal with this, hopefully it's a false positive.
Ericw
#1892 posted by Kinn on 2016/02/16 20:28:05
Thanks - both of those links work for me without Defender shitting a brick :)
The SHA1 I get is 080F764FD7ACE0764906A4D524E9463C47731F3A
which is the same as yours (typical it comes out uppercase making it more annoying to compare hehe)
My defender version is now this: http://i.imgur.com/d9mz5h1.png
So yeah it looks like a false positive and Defender's new virus definitions have sorted that shizzle out hopefully.
Sourceforge
#1893 posted by flp on 2016/02/16 20:30:11
since sourceforge changed it's owners in what 2012 I tried steer away from it. I used to like the service but not anymore. I'm always reluctant when stuff is hosted there and it leaves the impression of an abandoned project.
I don't understand why quaskespasm is hosted there. I don't even care that they changed owners again in 2016 because there's github and that service I do still trust in and also really like.
I'd leave sourceforge just for the sake of not making people download from a site they distrust. I don't care if they get their shit together or not.
#1894 posted by Spirit on 2016/02/16 21:06:09
Yeah, let's put everything on Github because that is never going haywire. Self host, you lazy people... Gitlab is fun.
flp: Read my post above.
Xinput
#1895 posted by shubniggerwrath on 2016/02/26 05:23:05
is this ever going to happen? i cant bring myself to game from a desk when i can game from a recliner.
let me play quake again, please.
#1896 posted by ericw on 2016/02/26 08:22:58
shub: Yes, soon! I have it working pretty nicely - played some of AD with a 360 controller, just need to polish up a few things.
.. continuing from the RRP thread about Barnak's HOMs when using fsaa + "r_oldwater 0" + OSX 10.6...
Baker, I found a workaround, adding "GL_SetCanvas(CANVAS_DEFAULT);" to the end of R_UpdateWarpTextures.
R_UpdateWarpTextures leaves the glViewport configured for the warp texture (the square in the upper-left of the screen), and R_Clear is the next thing to happen after R_UpdateWarpTextures, so my guess is that fsaa activates some code path within the mac GL implementation where glClear is broken and uses glViewport as the area to clear..
Here's what it looked like for reference: http://imgur.com/a/7pF6k
The second shot has gl_clear enabled, but you can see it's only clearing part of the screen.
|