Log in to reply
 

URGENT/ OPEN IV VIRUS



  • Hi everyone,
    Opened up open iv to be greeted by a update notification.
    I did let it update before my kaspery security kicked in and informed me of a Trojan within it. It removed it, but not before multiple files were deleted and thankfully restored-
    0_1493566595323_upload-b70b017d-ef05-4d63-8316-0845deb6fa9e https://i.gyazo.com/f0f1c8d0fdada774c519a1a670ea6464.png

    Anyone else had this?



  • update - after a reinstall everything is ok. Still seems odd tho



  • Never got a problem with false positives on Eset's NOD32 9.0 myself



  • False positive. If OpenIV really were a virus, none of us would be using it to begin with. Again, false positive.



  • @krashadam You shouldn't make this kind of assumption about malware. uTorrent was a great example which proved you can never trust programs unless you can access its source code. Actually, there were some cases where some open source OS were backdoored after a malicious upload on the original website.

    Truth is, you don't know what happens behind the scene. You can only make assumptions by looking deeply into its source code or by dumping the program with active debugging. OpenIV is obfuscated and packed, which makes it even harder to look into (well, not for everyone :wink:).

    In the author's case, the .NET Framework executed by OpenIV seemed to deploy new variables inside its respective registry directory and it is actually harmless.



  • @winject first of all, OpenIV is not obfuscated or packed. Second, OpenIV does not used .NET Framework at all.



  • @GooD-NTS said in URGENT/ OPEN IV VIRUS:

    @winject first of all, OpenIV is not obfuscated or packed. Second, OpenIV does not used .NET Framework at all.

    Which very likely means the OP really WAS using a (re-)packaged version with a virus in it.

    Always and only get OpenIV from their site itself, ppl.


Log in to reply
 

Looks like your connection to GTA5-Mods.com Forums was lost, please wait while we try to reconnect.