nvse_steam_loader.dll file is detected as TROJAN VIRUS.

Question

nvse_steam_loader.dll file is detected as TROJAN VIRUS.

noskill24 opened this issue 2 years ago · comments

noskill24 commented 2 years ago

v6.2.7 - nvse_steam_loader.dll

Please check the link below:

https://www.virustotal.com/gui/file/b45d3db874a26eeafb4d00cd32514ad522414a3ac2bc15e92d8bfd2a6cbf3929

Trooper · Answer 1 · Mon May 02 2022 11:27:07 GMT+0800 (China Standard Time)

I'm fairly positive this detection is false.

RoyBatty64 · Answer 2 · Mon May 02 2022 11:48:34 GMT+0800 (China Standard Time)

McAfee is a virus.

Masamune3210 · Answer 3 · Mon May 02 2022 12:05:13 GMT+0800 (China Standard Time)

It's a false detection, and for possibly the dumbest reason ever. The hint is "Dropper" being in the detection

noskill24 · Answer 4 · Wed May 04 2022 01:33:31 GMT+0800 (China Standard Time)

Previous versions have no problem.

Masamune3210 · Answer 5 · Wed May 04 2022 02:34:02 GMT+0800 (China Standard Time)

Yeah and machine learning is dumb and will take things even built on your own machine and sometimes call it malicious. I don't know what you need to hear, go look at other open source projects. This happens constantly

Masamune3210 · Answer 6 · Thu May 05 2022 03:06:57 GMT+0800 (China Standard Time)

McAfee is a virus is not an uncommon view even among people who like AV solutions, you realize this right? McAfee and Norton are both constantly joked about being as bad as just having nothing at all if not actively worse

Goatexe164 · Answer 7 · Fri Aug 12 2022 15:58:01 GMT+0800 (China Standard Time)

Had a similar thing happen to me with version 6.2.7, details are below.

Detected: Program:Win32/Uwamson.A!ml
Status: Failed

Date: 2022/08/10 08:30
Details: This program has potentially unwanted behavior.

Affected items:

file: C:\Users\Downloads\nvse_6_2_7.7z

webfile: C:\Users\Downloads\nvse_6_2_7.7z|https: / / objects.githubusercontent.com/github-production-release-asset-2e65be/267751826/842f7480-e622-4eab-b090-b0f02a54d0bf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20220427%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20220427T190705Z&X-Amz-Expires=300&X-Amz-Signature=b8ad809f8470badf610eaa3013ed6ac35635bcc7f1c2dabeae1e8a53ba33da9a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=267751826&response-content-disposition=attachment%3B%20filename%3Dnvse_6_2_7.7z&response-content-type=application%2Foctet-stream|pid:6360,ProcessStart:132955600313015670

Pretty sure whoever did it was a crypto miner, because whenever I would boot up my PC the CPU, GPU, VRAM and RAM would utilize 100% of their capacity and I was unable to do most things.

Wall SoGB · Answer 8 · Fri Aug 12 2022 15:59:23 GMT+0800 (China Standard Time)

Crap, they are onto us. Close the repo boys.

c6 · Answer 9 · Fri Aug 12 2022 16:02:18 GMT+0800 (China Standard Time)

Are you accusing an open source project of including crypto miners when literally anyone can check the source code and compile it yourself?
Did you read previous comments?

Masamune3210 · Answer 10 · Fri Aug 12 2022 16:03:44 GMT+0800 (China Standard Time)

!ml at the end of the detection string means that the detection was done through machine learning. It causes a lot of false positives. As stated multiple times now, if you got nvse from this GitHub , in no way is it malicious.