cancel
Showing results for 
Search instead for 
Did you mean: 

Malware Variant.Adware.Mplug.39 detected in ovr_sdk_win zip

AtariHistorian
Honored Guest
Spybot Search & Destroy flags the zips for ovr_sdk_win_0.5.0.1 and 0.6.0.0 as "Variant.Adware.Mplug.39".

I see that another user has already reported this in the development forum.

16 REPLIES 16

cybereality
Grand Champion
All those MD5 hashes appear to be the same as the ones I downloaded from the live site, so I don't believe the files have been tampered with. The strange part is that I have scanned the files you sent, with the paid version of Spybot, and they are still coming up clean. I'm not sure I understand.
AMD Ryzen 7 1800X | MSI X370 Titanium | G.Skill 16GB DDR4 3200 | EVGA SuperNOVA 1000 | Corsair Hydro H110i Gigabyte RX Vega 64 x2 | Samsung 960 Evo M.2 500GB | Seagate FireCuda SSHD 2TB | Phanteks ENTHOO EVOLV

AtariHistorian
Honored Guest
"cybereality" wrote:
All those MD5 hashes appear to be the same as the ones I downloaded from the live site, so I don't believe the files have been tampered with. The strange part is that I have scanned the files you sent, with the paid version of Spybot, and they are still coming up clean. I'm not sure I understand.

I certainly don't have the answer. I can try a few guesses, here's a good one... heuristics Do you have this selected?

selection.png

cybereality
Grand Champion
Yes, I have heuristics enabled.
AMD Ryzen 7 1800X | MSI X370 Titanium | G.Skill 16GB DDR4 3200 | EVGA SuperNOVA 1000 | Corsair Hydro H110i Gigabyte RX Vega 64 x2 | Samsung 960 Evo M.2 500GB | Seagate FireCuda SSHD 2TB | Phanteks ENTHOO EVOLV

AtariHistorian
Honored Guest
"cybereality" wrote:
Yes, I have heuristics enabled.

I think I'm short on ideas at this point. I'll let you know when/if the vendor responds. Let me know if you have something you want to try.

TomSD
Honored Guest
Have you guys heard of VirusTotal? You can upload a file there, they'll automatically scan it with 56 antivirus products, and give you the results in real-time. Here's a report for ovr_sdk_win_0.6.0.0.zip:
https://www.virustotal.com/en/file/b5ed ... 433190496/

Spoiler: 1 out of 56 antivirus products deemed this file a threat:
TrendMicro-HouseCall Suspici.F3C24B38

The flagged file within the archive appears to be OculusWorldDemo.exe.

I have first hand experience resolving these sorts of false positives. The way modern antivirus software works is deeply flawed and false positives occur way more often than they should. Reproducing the problem and getting it resolved with the vendor ranges anywhere from painless to impossible. Good luck!
i7-4770K, 2x GTX 780 SLI, Windows 7 64-bit, Oculus runtime 0.6.0.0

AtariHistorian
Honored Guest
Update: Resolved.

I (finally) received an email from Spybot asking me to run the scan again. Spybot no longer reports OculusWorld as malware.

cybereality
Grand Champion
Success!!!
AMD Ryzen 7 1800X | MSI X370 Titanium | G.Skill 16GB DDR4 3200 | EVGA SuperNOVA 1000 | Corsair Hydro H110i Gigabyte RX Vega 64 x2 | Samsung 960 Evo M.2 500GB | Seagate FireCuda SSHD 2TB | Phanteks ENTHOO EVOLV
Still need help?

Did this answer your question? If it didn’t, use our search to find other topics or create your own and other members of the community will help out.

If you need an agent to help with your Meta device, please contact our store support team here.

Having trouble with a Facebook or Instagram account? The best place to go for help with those accounts is the Facebook Help Center or the Instagram Help Center. This community can't help with those accounts.

Check out some popular posts here:

Getting Help from the Meta Quest Community

Tips and Tricks: Charging your Meta Quest Headset

Tips and Tricks: Help with Pairing your Meta Quest

Trouble With Facebook/Instagram Accounts?