VIRUS #596

Open
thecrazy opened this issue Oct 22, 2022 · 27 comments

@thecrazy

thecrazy commented Oct 22, 2022

This is unacceptable. Virus or not fix it.

[image]

@Rezlenix

False Positives...

@Ecorous

Ecorous commented Oct 23, 2022

False positives? That seems a bit much for false positives tbh

@billyp673

yeah, super sketch

@thecrazy
Author

thecrazy commented Oct 27, 2022

Glad to see I'm not alone to think so. I would suggest steering clear of UABE and using something like https://github.com/Perfare/AssetStudio or https://pypi.org/project/UnityPy/

To be honest, even if this gets fixed, I'm not sure if I'd trust it ever again. It's easy to remove a malware from an installer and just put in custom code to download and install it, no AV would detect anything until it's too late.

@ThatSkepticalGamer

> False Positives...

That many detections for a false positive? I doubt it.

@enginsoft

enginsoft commented Oct 30, 2022

this file was reuploaded and was injected with malicious code

@enginsoft

enginsoft commented Oct 30, 2022

same kind of problem with google and blender but they are paying google to have a fake blender website as one of the top search result the real blender website is under all those fake ones

@thecrazy
Author

> same kind of problem with google and blender but they are paying google to have a fake blender website as one of the top search result the real blender website is under all those fake ones

I don't know why you are seeing a fake blender website on top of your results, but I don't get that.

@Ecorous

Ecorous commented Oct 31, 2022

I'm going to post this comment as hopefully a last message for people reading these threads. Please don't post anything after this unless it is useful to others reading these threads.

UABE does in fact appear to be a virus, so I would avoid using it for now. I would suggest using UABEA which was and is a valid replacement before UABE was updated and/or opensourced. UABEA may (and is) still buggy, so be aware of that. Again I would entirely stay away from UABE as there has been no proof that it is not a virus, where many pieces of antivirus software (including Windows Defender) pick it up as malicious. Until this has been resolved, stay well clear of UABE, and if you need a replacement, use UABEA

@MacoDeVinx

MacoDeVinx commented Nov 1, 2022

Actually, I would recommend 2.2 b or other 2.2 version of UABE.
It is only the new UABE version [3.0 beta 1] that has virus detection on it.

Personally not a fan of the UABEA layout and it's also missing a few key features for modding, such as mesh modding and audio files, the only thing you can do is textures.

By using 2.2 you can do whatever but only for games with Unity 2019.2 though.

[Follow up on Ecorous messages.]

@enginsoft

enginsoft commented Nov 1, 2022

> > same kind of problem with google and blender but they are paying google to have a fake blender website as one of the top search result the real blender website is under all those fake ones
>
> I don't know why you are seeing a fake blender website on top of your results, but I don't get that.

they just pay google to be the top search result I think google should do something about that

@enginsoft

enginsoft commented Nov 2, 2022

might be a false positive for uabe 2.2 but I still don't trust
[image: Web capture_1-11-2022_17024_www virustotal com]

@enginsoft

I fully encourage people to use uabe beta 1
[image: Web capture_1-11-2022_171340_www virustotal com]

@MacoDeVinx

Indeed however you can't install it now due to virus detection, 2.2 is fine though.

@MacoDeVinx

> same kind of problem with google and blender but they are paying google to have a fake blender website as one of the top search result the real blender website is under all those fake ones

What exactly are you searching for then lol

A simple google search for "blender", gives the correct website right on top, Blender.org

@enginsoft

> > same kind of problem with google and blender but they are paying google to have a fake blender website as one of the top search result the real blender website is under all those fake ones
>
> What exactly are you searching for then lol
>
> A simple google search for "blender", gives the correct website right on top, Blender.org

it was a fake blender.org

@MacoDeVinx

MacoDeVinx commented Nov 2, 2022

> > > same kind of problem with google and blender but they are paying google to have a fake blender website as one of the top search results the real blender website is under all those fake ones
> >
> > What exactly are you searching for then lol
> > A simple google search for "blender", gives the correct website right on top, Blender.org
>
> it was a fake blender.org

Do you mean like this?
[image]

Regardless, there is only one https://www.blender.org so if they say something else then it's of course fake.

@enginsoft

yes

> > > > same kind of problem with google and blender but they are paying google to have a fake blender website as one of the top search results the real blender website is under all those fake ones
> > >
> > > What exactly are you searching for then lol
> > > A simple google search for "blender", gives the correct website right on top, Blender.org
> >
> > it was a fake blender.org
>
> Do you mean like this? [image]
>
> Regardless, there is only one https://www.blender.org so if they say something else then it's of course fake.

yes

@LukeSaward1

It's not a fucking virus.
How many times does this have to be said?!?!?!

@thecrazy
Author

thecrazy commented Nov 5, 2022

> It's not a fucking virus. How many times does this have to be said?!?!?!

28 times. Once to each AV company.

@LukeSaward1

Let me guess, people are gonna make 28 issues on this repo instead of reporting it to AV companies?

@thecrazy
Author

thecrazy commented Nov 6, 2022

It's your code, triggering the scanners. You're the only one who can address it. https://weblog.west-wind.com/posts/2016/oct/05/dealing-with-antivirus-false-positives

@snapworld

btw it doesn't work
I installed 3.0

@MacoDeVinx

> It's not a fucking virus. How many times does this have to be said?!?!?!

Tell that to the browsers/systems lmao. People will report it until it has been fixed. The 3.0 Beta 1 comes out as a virus detection for unknown reasons, however the 2.2 is fine.

@SlugFiller

I'd like to add something actually constructive to this somewhat flamewar of a discussion.

First off, the detection only occurs in TypeTreeGenerator.exe. Meaning if you delete that one file, the rest of the software should be safe to use. Notably, it is the only part of the program written in C#.

Suspecting the Mono compiler used, I tried building it using MSBuild 12. The resulting executable triggered 4 warnings. Significantly less than the bundled one, but not zero. I did use the bundled Mono.Cecil and Mono.Cecil.Rocks, but neither of these triggered a warning when scanned directly.

For completeness, I downloaded the official Mono.Cecil package, and tried compiling with that. I got the same 4 warnings. I also verified my own build environment is clean by scanning a different program compiled on it, and the result was clean.

I suspect that they are simply detecting the use of Mono.Cecil, a disassembly tool, as a threat. Nevertheless, it's way less than the ~30 triggers for the official binary.

A quick view of the code doesn't show anything suspicious, so I'm suspecting a compromised build environment. If using Mono as a build tool, I honestly just recommend doing reproducible builds using Docker.

For users, I just recommend deleting that one binary. If disassembly isn't a needed feature, it's better and safer to just go without.

Also, for the sake of people with hyperactive antiviruses, it might be a good idea to make a downloadable package without that file.
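
Added example, not part of the comment above or of the UABE project: one way to check a published package against a local rebuild file by file, and to repack it without `TypeTreeGenerator.exe`, reading the archive in memory only. It assumes the package is a zip and that the build is reproducible enough for hashes to match; the archives and the name `main-program.exe` are constructed sample data.

```python
import hashlib
import io
import zipfile

def member_digests(archive_bytes):
    """Map each file in a zip to its SHA-256, reading members in memory only."""
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        return {i.filename: hashlib.sha256(zf.read(i)).hexdigest()
                for i in zf.infolist() if not i.is_dir()}

def compare_builds(official, rebuilt):
    """List files whose content differs, or that exist in only one package."""
    a, b = member_digests(official), member_digests(rebuilt)
    return {
        "differs": sorted(n for n in a.keys() & b.keys() if a[n] != b[n]),
        "only_official": sorted(a.keys() - b.keys()),
        "only_rebuilt": sorted(b.keys() - a.keys()),
    }

def without_member(archive_bytes, name):
    """Repack the archive without one member; nothing is extracted to disk."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as src, \
         zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():
            if info.filename != name:
                dst.writestr(info, src.read(info))
    return out.getvalue()

def _make_zip(files):
    # Helper for the constructed sample archives below.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed stand-ins: the published package and a local rebuild of it.
OFFICIAL = _make_zip({"main-program.exe": b"native-build",
                      "TypeTreeGenerator.exe": b"cs-build-A"})
REBUILT = _make_zip({"main-program.exe": b"native-build",
                     "TypeTreeGenerator.exe": b"cs-build-B"})

if __name__ == "__main__":
    print(compare_builds(OFFICIAL, REBUILT))
    stripped = without_member(OFFICIAL, "TypeTreeGenerator.exe")
    print(sorted(member_digests(stripped)))
```

A file listed under `differs` only says the two builds are not byte-identical; with a non-reproducible toolchain that happens on every build, which is why the comment's suggestion of reproducible builds matters for this check.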

@71256988

71256988 commented Dec 3, 2022

Duplicate of #479.

@Brian151

> Also, for the sake of people with hyperactive antiviruses, it might be a good idea to make a downloadable package without that file.

this, i cannot even extract it, so how the hell am i to delete that "one" file
thus, i have a unityweb file that i can't open, and i need to get it opened immediately
