[andejong]

Moin,

My Norton Internet Security (up to date at 20-12-2013) reports, every day, wenn a start the computer, that the files openrails.exe, runactivity.exe and unit.dll are infected with the virus WS.Reputation.1 -> http://www.symantec....:DUT&os=windows

This happens with the last 3 experimental Open Rails versions (last version of download X1888)

Please investigation that the download on the server free of this virus.


Thanks,

A.N. de Jong

This post has been edited by andejong: 20 December 2013 - 01:22 AM

[roeter]

Did an update of Norton this morning, then a full scan of my OpenRail directory.
Nothing was found (see attachment :  scan_20131220.txt (1.21K)
Number of downloads: 242) - and I made both updates and commits yesterday.

Regards,
Rob Roeterdink

[James Ross]

Since the "virus" name is explained to only be their check for Norton's "reputation" of that file, there is no actual issue here AFAICS. They just don't see these files very much (hardly surprising) so consider them potentially unsafe. It should only be warning you that it might be unsafe, not saying anything stronger.

https://www.virustot...sis/1387535200/ shows the latest experimental download passing all scans for actual viruses.

[That Genset Foamer]

James Ross, on 20 December 2013 - 02:31 AM, said:

Since the "virus" name is explained to only be their check for Norton's "reputation" of that file, there is no actual issue here AFAICS. They just don't see these files very much (hardly surprising) so consider them potentially unsafe. It should only be warning you that it might be unsafe, not saying anything stronger.

https://www.virustot...sis/1387535200/ shows the latest experimental download passing all scans for actual viruses.

McAfee's scanners and MalwareBytes haven't considered the ORTS menu or other components a virus (not even via heuristic detection, i.e. "Artemis!-[longstringofhexadecimalstuffhere]-") although McAfee's GetSusp program did report it as suspicious a few times beforehand. It hasn't turned up in the latest build of GetSusp, I should add.

Long story short, it's a reputation-based heuristic detection. Judging by my experience, it's definitely safe and likely a false positive.

[R H Steele]

andejong, on 20 December 2013 - 12:47 AM, said:

Moin,

My Norton Internet Security (up to date at 20-12-2013) reports, every day, wenn a start the computer, that the files openrails.exe, runactivity.exe and unit.dll are infected with the virus WS.Reputation.1 -> http://www.symantec....:DUT&os=windows

This happens with the last 3 experimental Open Rails versions (last version of download X1888)

Please investigation that the download on the server free of this virus.


Thanks,

A.N. de Jong

Nothing to worry about it's just Norton being Norton - all it means is that the file is little used or downloaded among the community norton has setup - in fact it can be a nusiance because in some instances it will decide a file falls into this category after you download it and delete the downloaded file to protect you. I have never gotten a virus or malware from dowloading Train Sim stuff - rolling stock, routes or community KNOWN software (route riter, train store, conbuilder, activity master. etc.)

To disable Norton WS Reputation perform the following:
Open the Norton Panel > Settings > Firewall > Intrusion and Browser Protection > Download Intelligence > OFF > Apply > Then close out of the Panel. Problem Solved. Always be cautious that you know and watch what you are downloading. The Open Rails experimental and stable versions are quite safe unless you ignore signals and speed.

Cheers rhs (Gerry)