Jump to content

Antivirus Problems


Recommended Posts

Dear Aslain,
For some time now there have been repeated problems with the modpack being incorrectly identified as a virus. I don't know all antivirus programs, so I'm speaking from my experience with ESET. It is NOT possible for ESET users to temporarily release a file that is classified as potentially dangerous. Even temporarily deactivating the antivirus during installation does not help, because ESET automatically reactivates itself when you try to install such a file. The only option would be to uninstall ESET completely, which is not really an option.

Submitting a file to ESET for review is usually pointless, because by the time this process is complete and the file is released by ESET, the next Aslain version is usually ready and the game starts again from the beginning.

I love the Aslain Modpack and appreciate your work very much, but is there no way to reduce the false detections again? I have generally been very happy with ESET for many years and apart from the Aslain Modpack I have not had any problems. Removing ESET is therefore not really an option and I think many users feel the same way.

I hope a solution can be found.
Dirk.

Link to comment
  • Administrator

I understand the frustration caused by antivirus software like ESET misidentifying the modpack as a potential threat. Unfortunately, false-positive detections are quite common, especially with custom software like mine, which is safe and secure. The issue arises from how antivirus algorithms detect new or less commonly used software, leading to these false alerts. The nature of how the modpack installer works can sometimes trigger antivirus heuristics. The installer might perform actions that, although completely safe, resemble the behavior of certain malware in the eyes of the antivirus software. These programs, particularly those that rely heavily on heuristic detection and AI-based algorithms, might falsely flag the modpack as a threat because they detect patterns that superficially resemble malicious activity.

One potential solution is to purchase a digital signature certificate. While this could help reduce false-positive detections, it's important to note that it solves only part of the problem. Additionally, acquiring and maintaining such a certificate is quite expensive and requires regular renewals, making it less feasible in the long term especially for a free software like mine. Even with a digital signature, there's no absolute guarantee that all antivirus programs, including ESET, will stop flagging the files.

Rest assured, my modpack is entirely safe, and these warnings are indeed false-positive results. If possible, you can try submitting the file to ESET for review, but I understand that this process can take time, and by then, a new modpack version might already be out.

I hope this clarifies the situation a bit more. Unfortunately, there’s no perfect fix for these false detections...

 

Link to comment

Hello Aslain and thank you for the quick reply.
What surprises me is that the antivirus programs have only been recognizing the Aslain Modpack as a false positive for some time. Before, it always worked without any problems with ESET. Has anything changed in the Aslain Modpack in the last few months that is causing these frequent false positive detections?

Please don't misunderstand me, I trust you completely and believe you that there is no virus in your modpack. Unfortunately, modern and secure antivirus software like ESET leaves you no choice and you cannot prevent these files from being blocked unless you uninstall the entire antivirus software.

 

The "Restore and exclude from scan" function is grayed out. When I asked ESET supprt, I was told that you can only manually exclude files that are identified as "potentially unwanted" from further scans, but not files that have been classified as "potentially dangerous". These can only be released after they have been sent in and analyzed by ESET, which unfortunately usually takes quite a long time.

Eset-Aslain.png

Edited by StEnDi78
Link to comment
On 9/30/2024 at 3:41 AM, StEnDi78 said:

Submitting a file to ESET for review is usually pointless, because by the time this process is complete and the file is released by ESET, the next Aslain version is usually ready and the game starts again from the beginning.

I submitted a false positive once to BitDefender. I tried to download and install an hour later and it worked

On 9/30/2024 at 8:54 AM, StEnDi78 said:

Unfortunately, modern and secure antivirus software like ESET leaves you no choice and you cannot prevent these files from being blocked unless you uninstall the entire antivirus software.

Anything but modern and secure. ESET LiveGrid and other 'reputational' or AI based systems are basically admissions they got no idea what's going on and until there are many recorded problem free downloads approved by the big AV players they'll block the file in question. 

 

On 9/30/2024 at 3:41 AM, StEnDi78 said:

Removing ESET is therefore not really an option

Why not? Indentured servitude? Digital bondage? Shareholder or employee?

  • Upvote 1
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use and Privacy Policy.