Current time: 21.11.2024, 23:06 Hello There, Guest! (LoginRegister)
Language: english | russian  

Post Reply 
Threaded Mode | Linear Mode
ERA II
Author Message
armand Offline

Posts: 6
Post: #76

gamecreator's Era version is 2.461 while Valery's is 2.46.
The binary files differ. What is different between 2.461 and 2.46?

In both archives the following files seem infected:

buttons.dll - Suspicious.Cloud.7.F
defka.exe - Trojan.Gen.2
repman.exe - Trojan.Gen.SMH
lodimport.exe - Trojan.Gen.SMH

The self-extracting archive 2.461 itself is containing Heur.AdvML.B

Thanks once again!
23.07.2016 03:36
Find all posts by this user Quote this message in a reply
Valery Offline

Posts: 2196
Post: #77

Is your antivirus which is bad. Cheap/free antiviruses will reports any false positives. Use kaspersky, norton, or scan Era with their tools, you will see is clean.
23.07.2016 03:41
Find all posts by this user Quote this message in a reply
armand Offline

Posts: 6
Post: #78

I'm using Norton.
23.07.2016 03:55
Find all posts by this user Quote this message in a reply
Valery Offline

Posts: 2196
Post: #79

Then I don't know, I use both Norton and Kaspersky (the premium versions) and of course they say is safe.
23.07.2016 04:25
Find all posts by this user Quote this message in a reply
gamecreator Offline

Posts: 7107
Post: #80

armand, it's not "my" ERA, it's official. You aren't going to find any better. I don't know why it is named 2.461.
As for antiviruses, ERA is a mod and a modding platform, meaning it changes the game code while the game is running to implement its functionality. Of course it would be considered suspicious, as viruses do the same. As you may see from your results, the antivirus declares ERA components or various tools a virus based on unreliable heuristic indications. Antiviruses aren't perfect, armand, sometimes they need to be overruled by common sense.


When all gods have burnt to ashes in eternity of sorrow,
Demons gonna tear your soul because there is no tomorrow.
23.07.2016 12:16
Find all posts by this user Quote this message in a reply
armand Offline

Posts: 6
Post: #81

gamecreator, perhaps you are right.

It seems that only the self-extractor issue was caught by heuristics.

If "your" version is the official 2.46 then it doesn't make sense to be different than Valery's 2.46 version (if his is also the official). Yet, they are binary different.

As for the ERA being a modding platform - can't we say the same thing about WoG 3.58f?
Yet, I've never come across virus thread while scanning WoG. This might be due to the .wog files though.

Anyway, thank you both for the help guys, I'll try once more without heuristics to see if that helps.
25.07.2016 13:59
Find all posts by this user Quote this message in a reply
gamecreator Offline

Posts: 7107
Post: #82

(25.07.2016 13:59)armand Wrote:  If "your" version is the official 2.46 then it doesn't make sense to be different than Valery's 2.46 version (if his is also the official). Yet, they are binary different.
Valery's version is older.
(25.07.2016 13:59)armand Wrote:  As for the ERA being a modding platform - can't we say the same thing about WoG 3.58f?
Yet, I've never come across virus thread while scanning WoG. This might be due to the .wog files though.
There were such threads, haven't seen any recently though. Perhaps WoG is so old and widespread that antivirus developers added it to exceptions. Also WoG is mostly internal: it is contained within the exe file itself. ERA is mostly external.


When all gods have burnt to ashes in eternity of sorrow,
Demons gonna tear your soul because there is no tomorrow.
25.07.2016 14:34
Find all posts by this user Quote this message in a reply
Valery Offline

Posts: 2196
Post: #83

I don't think there are any differences between, I hold the version Bersy put on his site too. I don't recall him having updated 2.46, it was planned to be re-released with erm help additional codes but it didn't. Probably differences from packing process?
25.07.2016 20:10
Find all posts by this user Quote this message in a reply
gamecreator Offline

Posts: 7107
Post: #84

No, there is a difference. era.dll is dated later (18.07.13) and you can see the changes in source code, though I'm not sure what they mean. Something to do with ERA's file system. You must have downloaded it before the change and then put what you had on the side instead of redownloading.


When all gods have burnt to ashes in eternity of sorrow,
Demons gonna tear your soul because there is no tomorrow.
25.07.2016 20:32
Find all posts by this user Quote this message in a reply
Valery Offline

Posts: 2196
Post: #85

Ah I see, wasnt aware of dll. Will update my version as soon as I have access again to wakeofgods.
25.07.2016 21:07
Find all posts by this user Quote this message in a reply
armand Offline

Posts: 6
Post: #86

The differences are in era.dll, eramap.dll and small changes in some sources - mainly in version string (gamecreator's copy is version 2.461) but also in some functions regarding canonical names.

FYI I re-scanned for viruses with heuristic detection turned off and again detected:
Trojan.Gen.2 in defka.exe and
Trojan.Gen.SMH in lodimport.exe and repman.exe

I think I'll stick to WoG 3.58f for now, thank you for all the help and suggestions.
(This post was last modified: 26.07.2016 03:18 by armand.)
26.07.2016 03:16
Find all posts by this user Quote this message in a reply
igrik Offline
Administrators

Posts: 2819
Post: #87

armand Wrote:FYI I re-scanned for viruses with heuristic detection turned off and again detected:
Trojan.Gen.2 in defka.exe and
Trojan.Gen.SMH in lodimport.exe and repman.exe
If you do not trust, delete the two files manually. Functional ERA will not be harmed.


game bug fixes extended.dll || My Plugins || My GitHub
26.07.2016 10:46
Visit this user's website Find all posts by this user Quote this message in a reply
gamecreator Offline

Posts: 7107
Post: #88

armand, your loss.


When all gods have burnt to ashes in eternity of sorrow,
Demons gonna tear your soul because there is no tomorrow.
26.07.2016 10:58
Find all posts by this user Quote this message in a reply
v3r3r Offline

Posts: 58
Post: #89

(05.02.2012 00:05)Berserker Wrote:  Download: Direct link

Сервер не найден..
21.01.2017 12:51
Find all posts by this user Quote this message in a reply
Bes Offline

Posts: 5422
Post: #90

v3r3r, зеркало
https://yadi.sk/d/wmkrv2om7Dth2
22.01.2017 00:22
Visit this user's website Find all posts by this user Quote this message in a reply
« Next Oldest | Next Newest »
Post Reply 


Forum Jump:

Powered by MyBB Copyright © 2002-2024 MyBB Group