Home Forum Downloads News Upgrade to Premium Help File
 
mmoviper affiliates
MMOViper - The Only Site You'll Ever Need For MMO Leveling Bots and Radar Hacks
Username:   Password:   Log me on automatically each visit  
 

Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 5 posts ] 
Author Message
 Post subject: AV Alert
PostPosted: Mon Sep 29, 2014 11:15 pm 
Offline

Joined: Fri Jul 18, 2014 5:59 pm
Posts: 3

Hi my AV gave alert on the new ffxiv bot so I checked online : https://www.virustotal.com/fr/file/6112 ... 412031997/

8 positives

Should we be worried ? And when unzipping the file, it tried to change my UAC too.


Top
 Profile  
 Post subject: Re: AV Alert
PostPosted: Tue Sep 30, 2014 1:19 am 
Offline
Site Admin

Joined: Tue Oct 16, 2007 7:01 am
Posts: 20323

No virii/trojans in viper. It is because of the way that the bot interacts with games, always makes it seem suspicious. Normally programs do not go around reading and interacting with other running programs.


Top
 Profile  
 Post subject: Re: AV Alert
PostPosted: Tue Sep 30, 2014 11:07 am 
Offline

Joined: Fri Jul 18, 2014 5:59 pm
Posts: 3

Hm ok, Did you use Themida ? It would explain the alert/false positive.

Thanks for the reply.


Top
 Profile  
 Post subject: Re: AV Alert
PostPosted: Thu Oct 02, 2014 1:21 pm 
Offline

Joined: Fri Jul 18, 2014 5:59 pm
Posts: 3

I still can't use it my AV keeps deleting it

Quote:
20141002 130856 Le fichier "D:\Users\&&&\Downloads\FF14ViperRelease2.0.9.9b\FF14ViperBot.exe" appartient au virus/spyware 'Mal/FakeAV-OP'.
20141002 130856 Le contrôle sur accès a refusé l'accès à l'emplacement "D:\Users\&&&\Downloads\FF14ViperRelease2.0.9.9b\FF14ViperBot.exe" pour l'utilisateur AUTORITE NT\Système
20141002 130856 Le fichier "D:\Users\&&&\Downloads\FF14ViperRelease2.0.9.9b\FF14ViperBot.exe" appartient au virus/spyware 'Mal/FakeAV-OP'.
20141002 130903 Le fichier "D:\Users\&&&\Downloads\FF14ViperRelease2.0.9.9b\FF14ViperBot.exe" appartient au virus/spyware 'Mal/FakeAV-OP'.
20141002 130903 La valeur de registre "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA" appartient au virus/spyware 'Mal/FakeAV-OP'.
20141002 130903 La valeur de registre "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" appartient au virus/spyware 'Mal/FakeAV-OP'.
20141002 130904 Le fichier "D:\Users\&&&\Downloads\FF14ViperRelease2.0.9.9b\FF14ViperBot.exe" a été nettoyé(e).
20141002 130904 La valeur de registre "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA" a été nettoyé(e).
20141002 130904 La valeur de registre "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" a été nettoyé(e).
20141002 130904 Le virus/spyware 'Mal/FakeAV-OP' a été supprimé.



Why is FF14ViperBot.exe trying to mess up with this registry keys in the first place ?


Top
 Profile  
 Post subject: Re: AV Alert
PostPosted: Thu Oct 02, 2014 2:48 pm 
Offline
Site Admin

Joined: Tue Oct 16, 2007 7:01 am
Posts: 20323

It tries to find out if it needs to prompt for a UAC/Consent privileges consent to launch.

As I said above, you have to add an exception for Viper to run.

I'm not going to go through what viper does internally. As this might open it up for detection by games.

It does not have any virii/trojans in it. Been in business for 10 years. Take it or leave it.


Top
 Profile  
Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 5 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to: