Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[andylofgren]

I'm very sorry, but your link entitled 'clrmamepro 64bit 4.030a    (exe) (3063kb)' [http://mamedev.emulab.it/clrmamepro/binaries/cmp4030a_64.exe] on your website http://mamedev.emulab.it/clrmamepro/#downloads, is affording a malware download, Threat name: SAPE.Heur.BE5C0.

[Roman]

The files have been scanned with various up2date virusscanners on different machines. None reported a problem. Also the file is hosted on several networks which do scan the files before they mirror them....and last but not least...all the other users who downloaded the file before you didn't report a problem.

I'm very sorry but your virusscanner or whatever is wrong. You got a false positive alert.
Let me guess...Zonealarm?
You should update your virus definitions or switch to something more reliable.

[andylofgren]

It was Norton.

[andylofgren]

I haven't heard that Norton was all that great in the past, however I only use it because we get it for free with our Comcast internet subscription.

[Roman]

Well...as I said....false positives are common things. If you're unsure with a result, double check with a different scanner...or use the zip package version.

[Chad]

Roman, I am not sure if you ever heard of Virus Total https://www.virustotal.com. It's a handy site that allows you to upload fairly large executables (I believe it's up to 128MB now) and scans them with roughly 60 virus scan engines with current signatures from different vendors and gives you the results. It's interesting to see how some vendors report false positives and others clean. It's very easy to use with a drag-and-drop interface, URL or search. Actually you can use it to scan any file type.

All the main vendors are covered and the ones you never heard of too. The details tab has some good logistics information. I use it all the time if I have a "questionable" file. Once a file is uploaded and "finger printed" (SHA-256 hash calculated) you can link the results or if it's a file that's been uploaded prior it will just calculate the hash locally and link the last analysis so you know if a rescan with current signatures might detect something that wasn't prior. Anyway this thread came up while looking for something else and I thought it might be helpful if people have questions or if you haven't heard of it because I find it a very handy tool.

[Roman]

Thanks for the idea but it wouldn't solve the problem of users reporting false positives ;-) Usually they claim their used tool is right and everyone else is wrong and if it reports a problem, it got a problem....but usually they don't know what false positives are....
So as long as you grab it from the official page you'll be on the safe side....and the official url is https://mamedev.emulab.it/clrmamepro/  and not others which might sound more official and have hack tools and/or trojans ready for you

[Chad]

I understand what you're saying completely. I deal with them daily and new threats on edge devices with public facing services through government alerting and other channels watching for threats. No serious virus, trojan, malware or what not has gotten loose on my watch, knock on wood. I always send people their as a "neutral" place to get a second opinion with questionable files. I spent last 22 years working for the state mainly doing firewalls, routers, switches, VMWare and of course virus scan is mine too (uugh! and prior to that a whole lot of years at UPS doing the same. We use enterprise deployment tools pushing to 100's of PCs. I have a fairly complex hierarchy of policy inheritance in place for exceptions and other challenging requests. Unfortunately we aren't a large enough organization to have dedicated IT roles like a bank or something that employees 10's of thousands so we wear many hats on a daily basis.