A malware in MTA ???

[Guest]

Here is a screenshot from my antivirus...

What's this ?

[Ransom]

Umm either something infected it or your virus scanner is dumb. MTA is obviously not virus laden.

[Brophy]

unless he is using a cracked infected version

[njr1489]

Where have you gotten this from? If you didn't download it from the MTA site, maybe someone put a virus in the client and hosted it.

[Kent747]

MTA does not contain any malware, if your antivirus picked it up, it could be due to one of two things.

1. you downloaded it from an untrusted source, (use the download now and use the wojjie download source)

or

2. some antivirus software detects methods of virus operation, since MTA is essentially a hack, it could contain code that causes a false positive in antivirus software, namely the method that MTA uses to hook GTA's rendering sequence to draw the chatbox.

Kent

[Guest]

I've downloaded mta from this website... Maybe the virus has been hosted on a mta server and applied without anyone can see anything...

Security issue ?

[EDIT]

McAfee ViruScan was used

[Brophy]

i doubt that would happen

[Si|ent]

IF your client is infected then theres a high chance other applications on your system are also infected, depending which virus you have 'caught', but very few limit themselves to infecting a single file. I would update your vscanner and spyware cleaner and scan/clean thoroughly. Then re-download and re-install MTA and any other files that have become infected.

[orappa]

They don't really say much about it:

http://vil.mcafeesecurity.com/vil/content/v_133342.htm

[Guest]

The part of of image shown result from a complete scan of my system, with the latest definitions of viruses...

I've scanned my system with an anti-spywares too, but the viruses is only identified in this file...

[eAi]

What is the MD5 has or CRC of the file in question? You can find out the CRC by putting the file in winzip (or winrar) and telling it to display the CRC column (right click on a column header).

Does anyone else have McAfee who could check if this is McAfee's fault? I notice that update that caused this was released only a couple of days ago. If it is their fault, we'll contact them and inform them.

eAi

[Kent747]

the subtype Heuristic implies that mcaffe caught it because of some virus's methodology, so it could be because of our graphics hook, however, i would do as eAi suggested and get an MD5 hash so that we can verify the download is infact the same file as we are distributing.

[Guest]

I've deleted the file... sorry !

[orappa]

You could try downloading it again from the official Wojjie servers and see if the problem persists.

[Guest]

I've just done that :

First of all I've uninstalled/reinstalled MTA from the archive I've keeped on my HD : the malware was still there...

I've then re-dl the file from gonnaplay.com (the first of the mirror servers in the download list of mtavc.com), unistalled/reinstalled the game, and the problem hasn't disappeared...

So your code is detected as a virus by McAfee, surely due to a too big resemblance with a real virus... Another program, TeamSpeak had a similar problem with Norton, a year ago...

[Kent747]

thank you for alerting us, we'll fire an email over to the mcaffe guys.

Kent

[HardCoRe.]

I've just done that :

First of all I've uninstalled/reinstalled MTA from the archive I've keeped on my HD : the malware was still there...

I've then re-dl the file from gonnaplay.com (the first of the mirror servers in the download list of mtavc.com), unistalled/reinstalled the game, and the problem hasn't disappeared...

So your code is detected as a virus by McAfee, surely due to a too big resemblance with a real virus... Another program, TeamSpeak had a similar problem with Norton, a year ago...

but that was keypresshook, which MTA doesnt use...but it does have a keyhook.

and obviously MTA is not malware...or we wouldnt have like...10,000 users.

[eAi]

We've contacted mcafee but they've not responded. In the meantime, disable your virus scanner while playing.

eAi

[Guest]

I also have McAffee and the same thing happened to me.

MTAClient.exe shows up as a Trojan, so its not just a glitch or something

[Hawk_Boy]

I have McAfee, and no this never happened. What could have happened Berbe is you could have caught a virus from a website or something, and that virus spread itself onto your computer files, thus infecting MTAClient.exe

[Ransom]

the subtype Heuristic implies that mcaffe caught it because of some virus's methodology, so it could be because of our graphics hook, however, i would do as eAi suggested and get an MD5 hash so that we can verify the download is infact the same file as we are distributing.

Is that in English?

[orappa]

Makes sense to me.

[=BDC=Kenny]

Umm.. the answer is probably yes

[eAi]

We've contacted mcafee and they've not responded. If you're a mcafee customer, pester them to fix this issue, they don't seem to care...

[Slothman]

mcafee I find is really overzelous with the protection (which can be good i suppose) and i bet they get a lot of this every day. Of course MTA is a very popular program and this warrents a reply from mcafee (IMO)