Loader v5.24 falsely detected as Malware

Loader v5.24 detected as Malware 01/01/2023 at 18:35 #149890
9pN1SEAp
1102 posts
Hi,

This affects almost no users but I thought it might be worth a report anyway.

The SimSigLoader downloaded by the UpdaterTool is currently being blocked on laptops running Check Point Harmony Endpoint with the Threat Emulation (sandboxing) capability enabled. The initial version from the installer isn't affected, nor were any versions prior to v5.24. I've got round it with an exclusion based on its SHA-1 hash (!)

I've attached the report detailing why it thinks it's bad.
Thanks
Jamie

Jamie S (JAMS)
Last edited: 01/01/2023 at 18:38 by 9pN1SEAp
Reason: HTML zipped to disable "Internet Zone" flagging

Loader v5.24 detected as Malware 01/01/2023 at 19:14 #149896
GeoffM
6287 posts
I had a quick look through that log and am somewhat surprised at what they call "threats". For example, reading the computer name? Or loading "http://www.bing.com/favicon.ico"? Or uses cryptography?

There are also some claims which, as far as the SimSig code itself is concerned, are flat out false, like setting files to hidden, and "tries to read supported languages", and "hides the extension of specific file types". I will concede that perhaps some of the DLLs or packages used may contain such calls, though that in itself doesn't mean they're actually called by anything.

I notice that in the Check Point forum the developers ask for false positives like this sort of thing, not to mention a large number of threads on other forums with reports of false positives.

SimSig Boss
Last edited: 01/01/2023 at 22:05 by GeoffM
Reason: None given
