Catapult.exe (1.5.0) infected ?

By retrocanada76

Champion (480)

retrocanada76's picture

26-03-2020, 19:35

Hello from exile...

In times of quarantine the Bitdefender quarantined my Catapult.exe over Gen:Variant.Application.Bundler.Amonetize.200

I downloaded it again from zip or .exe installer from opemsx.org and both accused same threat.

Could this be a false-positive ?

Then I tried to rebuild it from source. I got openMSX rebuilt but when I tried Catapult it is missing wxBase28.lib. I did all steps from the compilation guide but it seems the wxMSW 2.8.12 from sourceforge is not exactly the same version as originally used in the tutorial (the headers it asks to modify are not the same).

Anyone else had same problem ?

Login or register to post comments

By Vampier

Prophet (2346)

Vampier's picture

26-03-2020, 21:22

here we go again Smile I am the one who builds the release builds and dev builds.

The compiler service runs on a 'headless' virtual machine windows10pro (official keys) and are compiled by VisualStudio2019 (official keys) and runs McAfee antivirus (official commercial release) - the server runs on Ubuntu.

We recently had the same questions with the installers, as a result fixato installed a virus scanner on his web server as an extra layer.

https://openmsx.dev/builds/windows/x64/

you can submit the file to the virus vendor and get it cleared up

here is the other topic that was opened on this https://msx.org/forum/msx-talk/openmsx/windows-defender-and-...

By gdx

Prophet (3427)

gdx's picture

27-03-2020, 00:24

It's curious how anti-viruses declares emulators infected. It looks like there is a quarantine policy for related emulators and software.

By retrocanada76

Champion (480)

retrocanada76's picture

28-03-2020, 07:58

Yeah, I suspected it was a false one. The x64 does not get any issue.

Thxs

By Manuel

Ascended (16378)

Manuel's picture

28-03-2020, 23:03

Please report to the vendor of your anti-virus as false positive.

By Alexey

Guardian (2708)

Alexey's picture

07-04-2020, 16:44

This looks like Bitdefender's generic detection for PUP (potentially unwanted software). I work in the antivirus industry and Bitdefender is our engine partner. Normally antivirus vendors detect the software as PUP if it has adware modules, user tracking functionality, silent installation capabilities (for affiliate programs), browser toolbars, bitcoin miners and other unwanted modules that a vendor "forgets" to inform a user about. So if you use an installer with bundled adware or other PUP modules, your software will be detected.

The best way to discover this problem is to send your freshly made installer or software to VirusTotal and check if any common antivirus software detects it. If you are 100% sure that this is a false positive, it's advised to send the file to the vendor as false positive, as correctly suggested by Manuel. Every vendor has a webform for such submissions.