UE flagged up as a virus

diablox29
Posts: 3
Joined: Fri Jul 14, 2006 6:15 pm

UE flagged up as a virus

Post by diablox29 »

My ue.exe v3.0.4 file has been identified as a virus by Avast! antivirus program. This prevents me from running it. Has anyone else encountered this problem?

It comes up as a virus type - Win32:Malware-gen

Steve.
alex
Posts: 4547
Joined: Thu Feb 27, 2003 5:57 pm

Re: UE flagged up as a virus

Post by alex »

Is it trial or registered, 32 bit or 64 bit?

Did it work ok for some time or did it show this right after upgrading? Is the file size right (around 1.5MB for 32 bit and 2MB for 64 bit)?

Or, better, can you rar the executable and email it to alexbirj at gmail dot com, I'll compare it with the original compilations without running it, if the file is different you will know for sure your computer has been infected with a virus; if it is misidentification I can add one line of code and recompile the file so the compressed executable will be completely different.
inmate
Posts: 4
Joined: Fri Jun 10, 2005 7:08 am
Location: Austria

Re: UE flagged up as a virus

Post by inmate »

I'm getting the same with Kaspersky Internet Security 2011. UE.exe gets deleted as soon as it is installed.

It only happens with UE 3.0.4 registered version (didn't try unregistered though) and only with the 32 bit version!
diablox29
Posts: 3
Joined: Fri Jul 14, 2006 6:15 pm

Re: UE flagged up as a virus

Post by diablox29 »

It's the full 32 bit version.

But since then I have downloaded it again in case I really had a virus. You seem to have 2 versions of 3.0.4 - the one I downloaded on 15th August (3.0.4) and the current one (3.0.4b). The current one works okay.

The downloaded file does not show up as a virus - but won't install now without an alert. I'll email you the downloaded image so you can check it (if my A/V will let me!). It might just be a false positive.

Steve.
Hubert
Posts: 168
Joined: Thu Jul 22, 2004 11:13 am

Re: UE flagged up as a virus

Post by Hubert »

I suddenly have the same problem: I must have been using the UE executable version 3.04 for about a week, but today it suddenly disappeared from the folder. If I reinstall it, it stays for a few seconds and then disappears again. It is the McAfee anti-virus program that does the deleting, I can see it in the quarantine map marked as a Trojan and I sent it to McAfee (though I have little hope they will do anything about it!).

I also downloaded version 3.04b and this is fine!

I hate McAfee labelling all these executables as virus :evil:
Regards, Hubert
alex
Posts: 4547
Joined: Thu Feb 27, 2003 5:57 pm

Re: UE flagged up as a virus

Post by alex »

Got the file, so it is the original 3.0.4 executable.

I thought it was only Kaspersky; someone emailed me several days ago, I recompiled and it was the same problem, I added a single line of code and the problem was gone, so I reuploaded the newly compiled file. No one complained on the forum, so I didn't make any announcement since it is not a UE problem.

Yes, in the current file from the site, you'll see 3.0.4b in help menu->about register, the misidentification was only with the original 32 bit registered version.

Compressed executable means there is high randomness. I'm not sure about the probabilities; it is the first time it has happened.

The compressed executable changes completely if the source code is changed a bit, so such issues can be easily resolved.

The original file is still there http://www.usenetexplorer.com/ue304reg32kaspersky.exe if someone wants to contact antivirus product support.
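The two checks described in this thread, as an added example that is not part of the original posts or of UE's code: comparing a flagged file against the vendor's own build without running it, and seeing why a one-line source change makes a compressed image unrecognisable to a byte signature. Assumptions: Python's standard `lzma` module stands in for the executable compressor, the two "builds" are constructed text, and the 16-byte signature is simply cut from build A to play the role of an antivirus signature.

```python
import hashlib, hmac, lzma, math, random
from collections import Counter

def matches_reference(suspect: bytes, reference_sha256: str) -> bool:
    """True only if the suspect file is byte-identical to the vendor's build."""
    digest = hashlib.sha256(suspect).hexdigest()
    return hmac.compare_digest(digest, reference_sha256.lower())

def entropy_bits_per_byte(data: bytes) -> float:
    """Shannon entropy; values near 8.0 look like random bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def changed_fraction(a: bytes, b: bytes) -> float:
    """Share of byte positions that differ, counting any length difference."""
    same = sum(x == y for x, y in zip(a, b))
    return 1 - same / max(len(a), len(b))

def make_source(extra_line: bytes = b"") -> bytes:
    """Constructed stand-in for a program image: 60,000 pseudo-instruction lines."""
    rng = random.Random(304)
    words = ["mov", "push", "call", "ret", "jmp", "eax", "ebx", "ecx",
             "edx", "esi", "edi", "cmp", "add", "sub", "xor", "nop"]
    lines = (" ".join(rng.choice(words) for _ in range(4)) for _ in range(60000))
    return extra_line + "\n".join(lines).encode()

def demo() -> dict:
    raw = make_source()
    build_a = lzma.compress(raw)                                # flagged build
    build_b = lzma.compress(make_source(b"nop nop nop nop\n"))  # one line added
    mid = len(build_a) // 2
    signature = build_a[mid:mid + 16]    # constructed byte signature from build A
    reference = hashlib.sha256(build_a).hexdigest()  # what the vendor would publish
    return {
        "raw_entropy": entropy_bits_per_byte(raw),
        "packed_entropy": entropy_bits_per_byte(build_a),
        "changed": changed_fraction(build_a, build_b),
        "sig_in_a": signature in build_a,
        "sig_in_b": signature in build_b,
        "a_is_reference": matches_reference(build_a, reference),
        "b_is_reference": matches_reference(build_b, reference),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

A file that matches the vendor's reference hash and is still flagged points to a false positive; a file that does not match is a different build or has been modified, and the hash alone cannot say which.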
diablox29
Posts: 3
Joined: Fri Jul 14, 2006 6:15 pm

Re: UE flagged up as a virus

Post by diablox29 »

I've contacted my a/v supplier - avast!

I guess these suppliers must work together, with their a/v signatures.

Steve
Hubert
Posts: 168
Joined: Thu Jul 22, 2004 11:13 am

Re: UE flagged up as a virus

Post by Hubert »

Alex,

When you say "compressed executable", are you then referring to the file UE.exe with a size of 1.545.216 bytes that I run when I use UE? Something like UPX from http://sourceforge.net/projects/upx/ ?
Regards, Hubert
alex
Posts: 4547
Joined: Thu Feb 27, 2003 5:57 pm

Re: UE flagged up as a virus

Post by alex »

Uncompressed would be around 4MB.

There are not so many executable compressing utilities around; antiviruses could easily detect the uncompressing loader and not mess with the pseudo-random data which it is loading.

I remember not so long ago it was in the headlines that an antivirus (McAfee?) mistook a Windows system DLL for a virus, preventing the system from running, so probably they don't analyze their products for misidentification by keeping the probability negligible; more likely they just test certain system configurations and that is it.

Maybe their point is that the antivirus which will find a virus in every executable will stop all current and future threats for sure :)
Hubert
Posts: 168
Joined: Thu Jul 22, 2004 11:13 am

Re: UE flagged up as a virus

Post by Hubert »

LOL

I have at least 4 executables/installers that have been tagged as Trojans by McAfee - they say "send them to us and we will check them" but never any response. I have to disable the AV program temporarily to be able to install certain updates. Nobody seems to try your solution to avoid false positives!
Regards, Hubert
gassman
Posts: 5
Joined: Sun Dec 13, 2009 6:27 am

Re: UE flagged up as a virus

Post by gassman »

The 32 bit version, both trial and registered, triggers a trojan warning on Norton security suite when I attempt to execute the program by double clicking on its icon. Norton then sequesters the program.
alex
Posts: 4547
Joined: Thu Feb 27, 2003 5:57 pm

Re: UE flagged up as a virus

Post by alex »

Is it version 3.1? No one has complained yet for more than a week; with v3.0.4, when there was a signature false positive, I got reports almost immediately after release.

Is it the same threat or different threats?

Given the executables are pseudo-random (compressed) - it is extremely unlikely an antivirus will falsely detect problems with two different compilations.

I checked 3.1 with Norton here - no problem, btw. even with 3.0.4 original registered version which triggered false alarms in Kaspersky, Avast and McAfee (according to user reports above) - Norton doesn't detect any issue.