MALWARE SCAN FINDS NON-MALWARE IN TRAINZ'S APPDATA FOLDER

Status
Not open for further replies.

jordon412

33 Year Old Railfan
So I did a Malware scan Tuesday night (4/21/2015), and I found two 'non-malware' malware in Trainz's Appdata folder. If 'non-malware' malware can be attached to a piece of Trainz content, then a virus can easily be attached to a piece of content and could cause massive damage to your computer. I RECOMMEND THAT ANYONE WHO DOWNLOADED THE FOLLOWING RUN A FULL SCAN FOR VIRUSES ON YOUR COMPUTER IMMEDIATELY:
Any made by b51bomber
Any made by DON49PLM
Any made by dinorius_redundicus
Any made by frogpipe
Any made by idiotbouy
Any made by infinity
Any made by ish6
Any made by jacek
Any made by james73
Any made by Maddy25
Any made by Pencil42
Any made by phil_c
IF ANYTHING YOU HAVE DOWNLOADED ANYTHING RECENTLY THAT IS MADE BY THE CONTENT CREATORS LISTED DO A FULL, THOROUGH VIRUS SCAN NOW!
 
Can I ask exactly what this 'non-malware' is, and what antivirus you are using? It's very unlikely that Trainz content would contain malware.

Shane
 
If 'non-malware' malware can be attached to a piece of Trainz content, then a virus can easily be attached to a piece of content and could cause massive damage to your computer.

Malware (non or otherwise) as well as viruses can be embedded into just about any type of file. It's a good idea to regularly run virus and malware scans. However it is also very easy for Scanners to provide false-positives, ie. it thinks something is bad when it really isn't. If the stuff you downloaded, came off from the DLS, and was downloaded via CMP, I wouldn't worry about it much at all. I believe N3V still scans stuff that gets uploaded.

You should also know what your scanner calls things and how likely they are to be bad. Most scanners have varying degrees, from something that it knows isn't bad, to something that is very bad. Just by the name "non-malware" I would presume it's not that bad of a thing, possibly just a file type it doesn't recognize & so flagged.

So I looked up Malwarebytes definition list here is what is says about "Non-Malware":
Software classified as Non-Malware has been detected as a function of real-time protection. This software is typically referred to as a Potentially Unwanted Program (PUP) or Potentially Unwanted Modification (PUM). You have not chosen to ignore this class of software, or to exercise the auto-quarantine capability when it has been detected, so no specific action has been taken. The non-malware detection may be acceptable to you, so you may choose to allow its operation once, always, or elect to quarantine it at this time.
Full listing: https://www.malwarebytes.org/support/guides/mbam/notifications.html

So basically it's software it doesn't recognize & so wants you to verify if it is or isn't Malware. Or it's a file that was modified and it doesn't think should be modified, again so it wants you to check.

peter
 
So I did a Malware scan Tuesday night (4/21/2015), and I found two 'non-malware' malware in Trainz's Appdata folder. If 'non-malware' malware can be attached to a piece of Trainz content, then a virus can easily be attached to a piece of content and could cause massive damage to your computer. I RECOMMEND THAT ANYONE WHO DOWNLOADED THE FOLLOWING RUN A FULL SCAN FOR VIRUSES ON YOUR COMPUTER IMMEDIATELY:
Any made by b51bomber
Any made by DON49PLM
Any made by dinorius_redundicus
Any made by frogpipe
Any made by idiotbouy
Any made by infinity
Any made by ish6
Any made by jacek
Any made by james73
Any made by Maddy25
Any made by Pencil42
Any made by phil_c
IF ANYTHING YOU HAVE DOWNLOADED ANYTHING RECENTLY THAT IS MADE BY THE CONTENT CREATORS LISTED DO A FULL, THOROUGH VIRUS SCAN NOW!

So, my question to you is this:

Why would any of these people upload something that is harmful to the rest of us?

All of these creators are quite well known and NO ONE else has had a problem.

I think you may be making something out of nothing and may find yourself backtracking quickly and making a LOT of apologies.
 
Last edited:
Can I ask exactly what this 'non-malware' is, and what antivirus you are using?

I use Malwarebyte's Anti-Malware. Also, that is exactly what my program called it, 'Non-Malware'.

@Perrock:
Thanks for the definition of non-malware. I listed those authors because I downloaded updates of those authors content since the last time I did a scan, which was on 4/11/2015. Also, I downloaded some of them via CM and others via FTP. Which way I download it depends of the size. If it's less than 100kb I'll downloaded it via CM, otherwise I'll download it via FTP, especially if it's over 1mb in size. Also, if I download via FTP, I can do two downloads at the same time.

@n8phu
I don't know. The authors could have uploaded it without knowing that there was 'non-malware' attached to it.

Also, I guess I jumped to conclusion because I figured that it would be something bad if antivirus program 'caught' something when, in this case, might not be something that can be a threat to the security of my computer.
 
Last edited:
you dont understand - the 'non-malware' is just your program trying to get you to verify something it can not verify. it isnt saying it is malware or something attached to a file that was uploaded by others that is all irrelevant. what it is saying is it doesn't understand the files so you must verify with caution they are not harmful. luckily i dont think anyone but yourself finds this cause for alarm.
 
I have a bunch of content from the users listed and I scanned my folder and I have nothing comIng up as malicious. its exactly how Justin said.
 
I've been uploading contents since 2002, and never seen my name in any situation like this! Seven of those creators on that list I know of, and / or worked with at sometime, and they never had issues either!

I think it's like Norfolsouthern37 said in his post! S

All in all, ometimes these programs are tricky, and a good example is when it scans N3V Artsource files --- One program detects issues while another does not; But we all know the artsource files are all clean!

Ish
 
@n8phu
I don't know. The authors could have uploaded it without knowing that there was 'non-malware' attached to it.

Since I am listed, to answer that, no sir! I know what goes into each folder!:wave:
And besides, I would think everyone on this list has protection against anything that might land in their computers, as I do here!


However, I guess it's good to ask questions, if you're not sure, and that's fine with me!

Regards
Ish
 
I agree with Ish and the others here...

Sure it is possible for malware, meaning computer viruses to attach themselves to known file formats such as Jpeg and Word Doc formats, however, in the 12 years of using Trainz I have never, ever, seen this. This is why it's good to run full malware scans and vet the notifications if there are any. In this case, the statement regarding non-malware is just that. A warning for the end-user to follow up on rather than take this as a threat. It is also good practice to use more than one scanner, however, not concurrently. Use one scanner as a real-time scanner and a secondary one periodically. This is also a good thing to do if there is some kind of suspicious activity on the system, or malware found during a real-time scan. The full-time antivirus will sometimes become "immune" to the threat or perhaps does not have the fully updated malware signature. By using a secondary scanner, this will ensure that there is nothing to escape through the dragnets!

In addition keep in mind that the new holistic scanning engines tend to pick up more non-malware because they look at the file structure, and will report more false positives in the process.

John
 
I find this post offensive and inflammatory, and is based completely on your lack of understanding of your malware software. Your post should have been stated in the form of a question. “Has this happened to anybody else”? The answer would have been yes. This too has happened to me with non-trains related files when I was using a cheap and ineffective anti-malware software.

I can’t speak for the others on this list but I assure you my computer is not more than six months old and protected by the latest McAfee fire wall and anti-virus software.


Everyone on this list that you have falsely accused are long time Trainz members and have nothing but respect for others in the Trainz community. Thank you, Don.


 
Last edited:
I agree with Ish and the others here...

Sure it is possible for malware, meaning computer viruses to attach themselves to known file formats such as Jpeg and Word Doc formats, however, in the 12 years of using Trainz I have never, ever, seen this. This is why it's good to run full malware scans and vet the notifications if there are any. In this case, the statement regarding non-malware is just that. A warning for the end-user to follow up on rather than take this as a threat. It is also good practice to use more than one scanner, however, not concurrently. Use one scanner as a real-time scanner and a secondary one periodically. This is also a good thing to do if there is some kind of suspicious activity on the system, or malware found during a real-time scan. The full-time antivirus will sometimes become "immune" to the threat or perhaps does not have the fully updated malware signature. By using a secondary scanner, this will ensure that there is nothing to escape through the dragnets!

In addition keep in mind that the new holistic scanning engines tend to pick up more non-malware because they look at the file structure, and will report more false positives in the process.

John

I'm a bit puzzled - isn't holistic something to do with beauty treatments or alternative medicine?

Either way, I agree that it's a good idea - I have Malwarebytes Anti-Malware free version alongside my main antivirus scanner.

Shane
 
Last edited:
It's obvious that I started the thread on the wrong foot, and I apologize to those who have offended. I have learned what 'non-malware' is due to this thread.
I must note that I ran Windows Defender last night and everything came back O.K.
Moderators, lock this thread before it gets any worse.
 
I'm a bit puzzled - isn't holistic something to do with beauty treatments or alternative medicine?

Either way, I agree that it's a good idea - I have Malwarebytes Anti-Malware free version alongside my main antivirus scanner.

Shane

Good one, Shane. We need some humor around here once in awhile if not more often! :)

Malwarebytes has a "heuristic" mode that scans files based on possible threats due to code construction. During its heuristic scan, it can pick up things and report them even though they maybe false.

The other antivirus that has this, or used to, was Trend Micro but I haven't used them in years.

John
 
Good one, Shane. We need some humor around here once in awhile if not more often! :)

Malwarebytes has a "heuristic" mode that scans files based on possible threats due to code construction. During its heuristic scan, it can pick up things and report them even though they maybe false.

The other antivirus that has this, or used to, was Trend Micro but I haven't used them in years.

John

It's something I just noticed at the time - I'm pretty good at doing that (especially when debugging programs). Glad you liked the humour of it though.

Incidentally, AVG also has a heuristic mode as well.

Shane
 
It's obvious that I started the thread on the wrong foot, and I apologize to those who have offended. I have learned what 'non-malware' is due to this thread.
I must note that I ran Windows Defender last night and everything came back O.K.
Moderators, lock this thread before it gets any worse.
Windows defender couldn't protect itself if it tried. All "OK" means with that is that it didn't find anything, and not that you don't have a virus or malware of some description in your computer.
If you have downloaded from these authors recently, there may be a possible chance a virus or form of malware or something is attaching itself to these files as they are being downloaded and altering them in a way that is causing malwarebytes to pick them up.
My first recommendation to you is to get a proper antivirus on your computer.
 
I find this post offensive and inflammatory, and is based completely on your lack of understanding of your malware software. Your post should have been stated in the form of a question. “Has this happened to anybody else”? The answer would have been yes. This too has happened to me with non-trains related files when I was using a cheap and ineffective anti-malware software.

I can’t speak for the others on this list but I assure you my computer is not more than six months old and protected by the latest McAfee fire wall and anti-virus software.


Everyone on this list that you have falsely accused are long time Trainz members and have nothing but respect for others in the Trainz community. Thank you, Don.



Don't be too harsh. Jordon made an honest mistake and was concerned about what his anti-virus threw up. I know I've been there. We all learn from this stuff.

Paul
 
Status
Not open for further replies.
Back
Top