GoldenEye_Source_5.0.0_to_5.0.6_patch.exe has a very possible malware problem.

Entropy-Soldier:
From my understanding, UAC.dll is part of an NSIS plugin used by the installer to elevate to the privileges required for a proper install of the game.  It should exist in the full installer the AV companies have actually investigated and consider safe, so just take that dll out of a vetted installer and the one you consider dangerous and compare the hashes.  If they're the same, I hope that alleviates your concerns.  If not, it's always possible to analyze the program yourself by running it in a VM or using static analysis to see exactly what each Windows API call is doing.

AV heuristics is a pretty tough thing to get right and some companies are very zealous about it.  For some companies even the most basic modification of system resources, the entire purpose of an installer, is enough to get flagged.  With something that's been around as long as the 5.0.6 patch installer, it's pretty likely that if it was an actual virus there would be more than heuristic detections popping up by now.


That being said, thank you for your concerns and for bringing this to our attention!  We did indeed have issues during launch with certain AV companies thinking our installer was a virus, which took longer than we'd have liked to have cleared up, so we're working on making false positives a lot less likely come the release of the next version of the game.  As you've pointed out, another reason for this is that being flagged as malicious at any point at all can leave a bad mark on the program even if it's later cleared, which is something I didn't really consider before.  In the meantime hopefully we can get our patch installer vetted by the AV companies, an effort you've been kind to contribute to, and clear its name as best we can.

Thanks again!
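
The hash comparison suggested in the post above, as an added example that is not part of the original post or the project's tooling. It assumes both installers have already been unpacked into two separate directories with an archive tool that can open NSIS installers; the directory arguments and the script name are hypothetical.

```python
import hashlib
import sys
from pathlib import Path


def sha256_file(path, chunk=1 << 20):
    """Stream a file through SHA-256 so large payloads are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def hash_tree(root):
    """Map lower-cased relative path -> SHA-256 for every file under root."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix().lower(): sha256_file(p)
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def compare_trees(vetted_dir, suspect_dir):
    """Classify each file as identical, differing, or present on one side only."""
    vetted, suspect = hash_tree(vetted_dir), hash_tree(suspect_dir)
    report = {"same": [], "differ": [], "only_vetted": [], "only_suspect": []}
    for name in sorted(vetted.keys() | suspect.keys()):
        if name not in suspect:
            report["only_vetted"].append(name)
        elif name not in vetted:
            report["only_suspect"].append(name)
        elif vetted[name] == suspect[name]:
            report["same"].append(name)
        else:
            report["differ"].append(name)
    return report


if __name__ == "__main__":
    # Usage: python compare_trees.py <vetted_extract_dir> <suspect_extract_dir>
    result = compare_trees(sys.argv[1], sys.argv[2])
    for status, names in result.items():
        for name in names:
            print(f"{status:12} {name}")
    # Non-zero exit when a file shipped by both installers has different bytes.
    sys.exit(1 if result["differ"] else 0)
```

A patch and a full installer carry different payloads, so entries under `only_vetted` and `only_suspect` are expected; the entry to check is the shared plugin DLL, which should be listed under `same`.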
