Author Topic: XMPlay GME plugin  (Read 53777 times)

evknucklehead

  • Guest
Re: XMPlay GME plugin
« Reply #50 on: 14 Jul '16 - 08:55 »
Why would it identify as a specific type of trojan, though? Specifically, Win32/Tulim.A!cl. Logically, if it was an inability to decompress the .dll, it would trigger as a generic "Unreadable  file" style error.

I also tried telling Windows Defender to allow the file, but it detected and auto quarantined the file again anyway.

I think that for now, unless Mudlord releases another build that doesn't trigger the warning, I'll just stick with the older version, even though some things sound a little better on the newer version.

deus-ex

  • Posts: 235
Re: XMPlay GME plugin
« Reply #51 on: 14 Jul '16 - 09:33 »
Why would it identify as a specific type of trojan, though?

Beside databases with definitions of already known viruses Anti-Virus applications use heuristic analyses to search for patterns of malicious code to identify yet unknown new/modified viruses. Sometimes this leads to false alerts.

I also tried telling Windows Defender to allow the file, but it detected and auto quarantined the file again anyway.

I don't have made good experiences with Windows defender either, therefore I disabled it in favour of a better product.

kode54

  • Posts: 100
Re: XMPlay GME plugin
« Reply #52 on: 15 Jul '16 - 04:51 »
For reasons I wish to understand, mudlord is packing his releases with his personal packing software, which I have a slightly old source code to. Nothing too overt, just a custom loader and LZMA compression.

I say, wish to understand, because I think the source to this software is available somewhere. I think he uses his packer on his releases because he's proud of it. I know I would be, accomplishing something like that at long last. I even helped him out a bit with getting it working on more software, including my initial attempt at handling DLL imports and exports. I think he uses a stock library for processing those now, though.

He also password protects archives on his site, using a common password you may ask him for, or ask him to post here, because he frequently posts files that get caught as false positives by virus scanners, and those files being Google indexed tends to lead to his entire domain being blacklisted by browser security lists.

I stopped having the virus scanner issue ages ago, because I pay the expensive Code Signing Certificate Tax.

saga

  • Posts: 2183
Re: XMPlay GME plugin
« Reply #53 on: 15 Jul '16 - 12:19 »
Quote
because he frequently posts files that get caught as false positives by virus scanners
...such as anything packed with custom exe packers.

piovrauz

  • Posts: 967
Re: XMPlay GME plugin
« Reply #54 on: 16 Jul '16 - 18:00 »
"... because I pay the expensive Code Signing Certificate Tax". You made my day.

cooli

  • Posts: 8
Re: XMPlay GME plugin
« Reply #55 on: 28 Feb '17 - 13:52 »
Hello mrmudlord,

Is there any chance we see an update of your plugin one day?

FIX94

  • Posts: 8
Re: XMPlay GME plugin
« Reply #56 on: 20 Oct '17 - 07:50 »
Maybe somebody is interested in it, I finally uploaded my personal changes to the plugin onto my github, have been using them for over a year now without ever pushing them up  ::)
https://github.com/FIX94/xmp-gme
see the README for the changes, and click the "releases" tab for the actual .dll file.

Ian @ un4seen

  • Administrator
  • Posts: 20437
Re: XMPlay GME plugin
« Reply #57 on: 20 Oct '17 - 17:11 »
Looks like a nice update. It is up on the XMPlay support site now.