News: 11 March 2016 - Forum Rules
Current Moderators - DarkSol, KingMike, MathOnNapkins, Azkadellia, Danke

Author Topic: Site: Recent Malware Warnings  (Read 26319 times)

RHDNBot

  • Guest
Site: Recent Malware Warnings
« on: December 21, 2015, 07:21:59 pm »
Update By: Azkadellia

As many of you are no doubt aware, the translations page has been flagged as malware. We are aware of it and it is a false positive. Blame those that use substandard detection routines. We repeat, it is a false positive. Ignore it. If you have to, use MSIE to access it.

RHDN Project Page

Relevant Link

yoyotheyoshi

  • Jr. Member
  • **
  • Posts: 9
  • High-tech low-life
    • View Profile
    • Smashcast
Re: Site: Recent Malware Warnings
« Reply #1 on: December 21, 2015, 07:39:55 pm »
It seems that the pages that're always flagged are the ones that are actually not harmful at all, and the ones that are sneak on by! Silly detection crap. Thanks for clarification, regardless.
"The light that burns twice as bright burns half as long."

Backloggery | Smashcast

amitrius17

  • Jr. Member
  • **
  • Posts: 56
    • View Profile
    • FantasyAnime
Re: Site: Recent Malware Warnings
« Reply #2 on: December 21, 2015, 08:49:45 pm »
Is there anything we can do to help? An article I Googled said to send an email to appeals@stopbadware.org. I did so. Hope that helps.
[ fantasyanime.com ] RPGs & Anime

hamguy

  • Newbie
  • *
  • Posts: 4
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #3 on: December 22, 2015, 07:49:38 am »
I know I don't post a lot but I visit the translations a lot, and I get a malware warning almost every time. I know there's no malware though but I wanted to ask if it was anything I was doing wrong, like using a bad anti-virus software or something. I use AVG because it's free, and I have to disable it whenever I download any translation because it flags them all as a virus. Does this hurt the site? I mean like does it report to AVG that Romhacking is full of viruses or something? I ask because I just want to make sure I'm not accidently harming the site or something like that...

RhysOwens101

  • Jr. Member
  • **
  • Posts: 70
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #4 on: December 22, 2015, 09:26:13 am »
I keep being redirected to a Security Error page when I click on stuff and it's annoying.
I use Google Chrome and some of the things I download from this site are said to have malware in their file.

I downloaded the Zelda Optimum thing by RetroRain and it says it as malware when it didn't before and it's blocked.
« Last Edit: December 22, 2015, 11:20:21 am by RhysOwens101 »

Yoshiatom

  • Jr. Member
  • **
  • Posts: 7
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #5 on: December 22, 2015, 09:29:32 am »
It's worth noting that it's not just translations getting flagged; trying to download this document causes Firefox to say RHDN is a untrustworthy domain.

That makes me wonder; why is RHDN marked as a malware site in the first place?

RhysOwens101

  • Jr. Member
  • **
  • Posts: 70
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #6 on: December 22, 2015, 11:18:53 am »
It's worth noting that it's not just translations getting flagged; trying to download this document causes Firefox to say RHDN is a untrustworthy domain.

That makes me wonder; why is RHDN marked as a malware site in the first place?
Possible because Firefox thinks the website is about literal hacking.

amitrius17

  • Jr. Member
  • **
  • Posts: 56
    • View Profile
    • FantasyAnime
Re: Site: Recent Malware Warnings
« Reply #7 on: December 22, 2015, 01:39:36 pm »
I got a response from stopbadware.org. They're not responsible if a page's downloads are flagged for malware. They offered some suggestions, though. Try 'em out.

Quote
Hi there,

It looks like Google is specifically blacklisting your downloads. Unfortunately, StopBadware does not work with Google on blacklisted downloads. We have no expertise in evaluating software, and we are unable to effectively analyze executables or other files. You will have to follow these directions, if you have not already done so:
https://support.google.com/webmasters/answer/168328?hl=en

We also recommend you post your issue in one of Google's forums, such as:
https://productforums.google.com/forum/#!forum/chrome
https://productforums.google.com/forum/#!forum/webmasters

We're sorry we are not able to offer more assistance. Unfortunately, we only work with Google when sites are on their general malware blacklist (Safe Browsing). Their blacklist of software downloads is completely separate, and we have never worked with them on this process!

Thanks,
The StopBadware Team
[ fantasyanime.com ] RPGs & Anime

RhysOwens101

  • Jr. Member
  • **
  • Posts: 70
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #8 on: December 22, 2015, 02:07:51 pm »
Has this ever happened before? RHDN team?

amitrius17

  • Jr. Member
  • **
  • Posts: 56
    • View Profile
    • FantasyAnime
Re: Site: Recent Malware Warnings
« Reply #9 on: December 22, 2015, 02:20:38 pm »
RhysOwens101, I don't know about RHDN but I know in general Google/Mozilla have been becoming too aggressive at fighting badware. A couple months ago I found out that people can no longer download games from my site when using Chrome on Android. It would seem that Google looks inside zip files and if they find an uncommon file format (a ROM, an IPS patch, etc.) then it is flagged as suspicious and blocks people from downloading. I would imagine similar practices are applied to desktop, hence this situation with RHDN.
« Last Edit: December 22, 2015, 02:29:48 pm by amitrius17 »
[ fantasyanime.com ] RPGs & Anime

RhysOwens101

  • Jr. Member
  • **
  • Posts: 70
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #10 on: December 22, 2015, 03:44:39 pm »
Will these false positives wear off soon?

snarfblam

  • Submission Reviewer
  • Hero Member
  • *****
  • Posts: 589
  • CANT HACK METROID
    • View Profile
    • snarfblam
Re: Site: Recent Malware Warnings
« Reply #11 on: December 22, 2015, 06:57:38 pm »
That makes me wonder; why is RHDN marked as a malware site in the first place?
RHDN hosts many patching utilities and some of these seem to trigger false positives with malware scans. (They don't match any known malware, they simply match poorly defined heuristics for "suspicious" code.) I've had ROM hacking software I wrote myself rejected by some anti-virus software.

Has this ever happened before? RHDN team?
Will these false positives wear off soon?

We've already responded to multiple queries from you, but I'll try to spell it all out as concisely as possible.

This problem started some time ago, but only affected a small number of users (in so far as we were made aware) and only on a limited set of pages. Initially it was one particular utility that was included in number of distributions that was causing most of the problem.

The situation has been getting worse very gradually, and now it has suddenly started affecting very many users and the entire translation section of the site (and possibly other pages). Staff has looked into possible solutions in the past, and will revisit them and try to figure something out. Currently the best idea we have is to put download links behind a registration wall which will presumably hide them from malware scanners. Feel free to leave any other suggestions in this thread.

Unfortunately things tend to move slowly here, and worse yet, this is some tremendously bad timing as we're all pretty busy with holiday-type things and the like, but we are aware of the issue and intend to address it. In the meantime, all we can do is suggest using an alternative browser. Internet Explorer/Edge does not appear to be affected by this problem. Pale Moon does not have this security feature and would not be affected, nor would older versions of FireFox (I use version 30). If your A/V software is also complaining, you would want to temporarily disable it or add an exception.

SylarDean

  • Jr. Member
  • **
  • Posts: 18
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #12 on: December 22, 2015, 08:59:02 pm »
All i did was add this site to my WHITELIST on my antivirus program and problem solved, NO problem any more.
All you need to do then is just run a quick scan on any d/l'd files after before opening/running them or whatever.
I have NEVER had any problems with ANY files from this site and I 100% trust it AND all it's d/l's, iv'e used this site
for a good few years now and have NEVER had a problem, up until just now with this malicious site pop-up.

Thing is.. it's SO EASY for malicious @ssholes now to send in a report to their preferred used antivirus companies
and this will cause then the site to be flagged as malicious. The antivirus program company won't even check the
reported sites/issues.. I know this as fact because a fellow mate works for one of these antivirus companies and he
has said on numerous times to me that reported sites barely ever get checked, it's only when that site owners gets
in contact with the antivirus company that it will then get unflagged in a next update.

I'm NOT saying this is the case here.. it could be MANY issues.. BUT being the type of site THIS IS.. there's NO DOUBT
in the back of my mind that some @sshole has reported this site on purpose for some stupid reason.

someone

  • Newbie
  • *
  • Posts: 2
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #13 on: December 22, 2015, 10:27:14 pm »
This is all news to me.  I visit the site all the time, and download lots of rom hacks, translations, and utilities ( That I use to destroy roms with, cause I am horrible at romhacking.  Its fun to try though ).  I have never had anything flagged.  I used to use explorer, now I use Microsoft Edge, and my antivirus is avast.

RhysOwens101

  • Jr. Member
  • **
  • Posts: 70
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #14 on: December 23, 2015, 07:14:23 am »
I'm not downloading malware protection things because I'm running out of disk space.
Even the newest translation is blocked and is un-downloadable.

Every download I try is blocked basically.

December 23, 2015, 07:18:40 am - (Auto Merged - Double Posts are not allowed before 7 days.)
Unfortunately things tend to move slowly here, and worse yet, this is some tremendously bad timing as we're all pretty busy with holiday-type things and the like, but we are aware of the issue and intend to address it. In the meantime, all we can do is suggest using an alternative browser. Internet Explorer/Edge does not appear to be affected by this problem. Pale Moon does not have this security feature and would not be affected, nor would older versions of FireFox (I use version 30). If your A/V software is also complaining, you would want to temporarily disable it or add an exception.

I can't use FireFox because it has ads everywhere that I can't remove.

Tivo6

  • Jr. Member
  • **
  • Posts: 35
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #15 on: December 23, 2015, 07:20:06 am »
hey

i can't even download romhacks here anymore either

because of that red sign blocked page popping up all the time now

lexluthermiester

  • Hero Member
  • *****
  • Posts: 672
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #16 on: December 23, 2015, 11:17:36 am »
Update By: Azkadellia

As many of you are no doubt aware, the translations page has been flagged as malware. We are aware of it and it is a false positive. Blame those that use substandard detection routines. We repeat, it is a false positive. Ignore it. If you have to, use MSIE to access it.

RHDN Project Page

Relevant Link

 ::) Ok, simple solution, stop using the single most insecure web browser in history. Microsoft's Internet Explorer is and has been garbage since it was released. It has more bugs than a bait store and more open back doors than a Whorehouse. Microsoft's Edge is just as problematic and dangerous to use. If you use either, you're begging to get humped...  :laugh:

Instead folks, use a web browser like Firefox, Chrome or Opera. One could also use one of the many wonderful variants of these such as Cyberfox, Palemoon and Iron. :thumbsup: Comodo has some of the best security programs anywhere and makes security minded variants of Firefox and Chrome as well.

 

December 23, 2015, 11:34:05 am - (Auto Merged - Double Posts are not allowed before 7 days.)
Possible because Firefox thinks the website is about literal hacking.

How is this a Firefox problem when it is happening on Microsoft Internet Explorer? ::) I'm on Firefox and not having any problems. Also tried Cyberfox Icedragon and Palemoon[Firefox variants] with no problems. Chrome and it's variants[Chromodo and Iron] as well as Opera are also problem free. :thumbsup:
« Last Edit: December 23, 2015, 11:34:05 am by lexluthermiester »

justin3009

  • Hero Member
  • *****
  • Posts: 1614
  • Welp
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #17 on: December 23, 2015, 01:31:23 pm »
I have Firefox and have been getting the translation page issue for quite a few days now, every time no matter what I do.  It's irritating but I can still access the pages at least by clicking the 'ignore this warning' subtext.
'We have to find some way to incorporate the general civilians in the plot.'

'We'll kill off children in the Juuban district with an infection where they cough up blood and are found hanging themselves from cherry blossom trees.'

RhysOwens101

  • Jr. Member
  • **
  • Posts: 70
    • View Profile
Re: Site: Recent Malware Warnings
« Reply #18 on: December 23, 2015, 02:06:36 pm »
I have Firefox and have been getting the translation page issue for quite a few days now, every time no matter what I do.  It's irritating but I can still access the pages at least by clicking the 'ignore this warning' subtext.
I get a similar issue on Chrome which means Chrome is problematic, to quote lexluthermiester.

Kiyoshi Aman

  • RHDN Patreon Supporter!
  • Hero Member
  • *****
  • Posts: 2259
  • Browncoat Captain
    • View Profile
    • Aerdan's Blog
Re: Site: Recent Malware Warnings
« Reply #19 on: December 23, 2015, 05:59:29 pm »
Okay, folks.

1. Firefox and Chrome both use Google's anti-malware service. You will not notice any difference in accessibility on that front unless you disable that feature in either one. DO NOT DO THIS ON A NON-TEMPORARY BASIS IF YOU ARE ON A FAMILY COMPUTER WHERE EVERYONE USES THE SAME ACCOUNT.

2. Internet Explorer is much safer these days than in previous years, as long as you use the latest available. Edge is even more secure.