Jump to content
Sign in to follow this  
Chippy

Viruses in Mods?

Recommended Posts

I need to educate myself a bit on viruses, having been hit pretty bad recently and in the past - so as title suggests am curious about how much control a person can get if their intent is to install malicious software embedded into a mod?  And does virus protection pick it up?.

 

I used Norton, but their yearly fee was a joke, Kapersky broke down every time Microsoft updated windows, and McAfee seem useless.  I worked in a college that supposedly had the latest security (teaching high risk adult offenders 98% of which were male) and was the only member of staff that had issue with 14-16 year old's being brought into that environment - and in return my colleagues tried to access child pornography on my workstation (with general access) but that made it past their security measures, so I don't expect too much from virus protection.

 

But am concerned about mods, as I think it was some Skyrim virus/stuff that recently made it's was onto my PC.  The recent virus accused me of offensive material on the PC - but if I paid x amount of money, I could escape a jail sentence...

 

I haven'y used my PC to play a game in weeks, and have only used it for emails, and am seriously considering not using mods for game ever.  Which would be a shame.  But not as much as loosing my career and life.

Share this post


Link to post
Share on other sites

There have been some reports of fake mods being uploaded to the nexus with similar names to popular mods, yeah. But generally they're not too hard to spot - a .exe file is generally a dead giveaway as Skyrim modding generally doesn't require that level of code delving (although there are some well documented exceptions, such as the SKSE framework).

 

That's the thing with modern malware - unlike in the past, infection is normally targetted by way of social engineering, like that ransomware example you provided. But that doesn't necessarily mean an infection because it might just be a nasty but mundane pop-up on a dodgy website.

  • Like 1

L I E S T R O N G
L I V E W R O N G

Share this post


Link to post
Share on other sites

Norton is horrible. Norton used to be awesome, way back in the late 80s and 90s, but it's been bloatware and crap for more than a decade now.

 

For AV I recommend NOD32. I've used almost all AVs at this point, and NOD32 is worth the $$. There are other AVs that are as good at detecting, but NOD32 is the least intrusive (uses least resources and updates seamlessly) and has the least false alarms in my experience (so many other AVs regularly have false alarms). If you shop for deals you can catch it for only $5/year for a single computer (that's what I've paid the last couple years on newegg), but even at the regular price I'd say it's worth it. Couple that with Malwarebytes, put yourself behind a router, use UAC (if you have vista, 7, or 8 ) and you'll be protected from most things with very few false alarms.

 

That said, even the best internet condoms only go so far. Nothing beats being savvy enough to not open that file full of poo, or venture down that dark interwebs alley full of bad things.

 

As far as mods, it really would depend on the game. Get them from a reputable site, and you'll likely have no problem. If you're concerned, scan it with you AV and search the net for the files to see if they are listed as known malware. If you're still uneasy, delete it and don't use it. In my expeirence with most mods though, regardless of viruses or not, just read the comments on the mod from other users to get their feedback on it. Chances are if there's actually malware in the mod, someone will have posted about it.

Edited by Valsuelm
  • Like 1

Share this post


Link to post
Share on other sites

You can only reduce risk that's with any type of software you download from the internet. Source, is this the package that the developer created and uploaded (sometimes devs prodice hashs e.g. MD5 to verify). Popularity and time, new = bad, unpopular means less likely to be discovered as malware. Anti-virus, there's a lag between a virus infecting machines and the anti-virus updating their definitions, also pretty useless after infection, I use Microsoft's Security Essentials and Virus Total (online tool that uses most anti-virus software, there's at least 2 other services that do the same).

Edited by AwesomeOcelot

Share this post


Link to post
Share on other sites

I'm a fan of MalwareBytes, which is not an antivirus as such, but is designed to run alongside a traditional anti-virus program (which usually conflict with one another). Unfortunately they've recently switched from a lifetime licence model to a subscription-based one, however you can still find copies of the lifetime version through retailers without too much difficulty. At under $20 for life, I think it's a no-brainer.


L I E S T R O N G
L I V E W R O N G

Share this post


Link to post
Share on other sites

I've had trojan ad/malware put on my computers that were piggybacking otherwise innocuous software. Just this other day I had to remove a search engine hijacker I got from installing Portforward.


Quote
"Turned wrong way round, the relentless unforeseen was what we schoolchildren studied as 'History,' harmless history, where everything unexpected in its own time is chronicled on the page as inevitable. The terror of the unforeseen is what the science of history hides, turning a disaster into an epic.”

 

-Philip Roth, The Plot Against America

 

Quote
"Always write angry letters to your enemies. Never mail them."

 

-James Fallows

 

Share this post


Link to post
Share on other sites

In considering the replies I have to admit I've been unbelievably stupid in recent weeks, as I'm moving house I just left the PC on and it's been used by someone with dementia, and my brothers mates in between my communications with solicitors, estate agents, etc ... so I pretty much repeated what happened at work years ago.  Yeah.

 

I've seen idiots set up as a patsy and pay for it, but suppose that as a hobby, you just don't want to invest too much time/effort into a thing that should just be relaxing after work.

 

So I'm thinking: scale back on the mods for games that arn't much fun anyway, grab seperate laptop and PC as work only > gaming only.  Install every concievable virus protection on each, and only connect the gaming PC to the internet for mandatory updates from microsoft, steam and video card drivers.

 

The best answer would be to not have a gaming PC ever connected to the internet, (validate windows on format through phone call) but I'm pretty sure that doesn't work...

Share this post


Link to post
Share on other sites

Eh, just put up a safe password on your administrator account, the other people using your PC can use a limited guest account. That way you can be reasonably sure in future than any error made is probably yours.


L I E S T R O N G
L I V E W R O N G

Share this post


Link to post
Share on other sites

Video game mods arent generally a key source of viruses. It can happen, and i dont know what makes you certain that one you had was from a skyrim mod, but it probably wont solve all your problems.

 

More important is a proper antivirus - ignore norton etc - and some best practices as mentioned above.

Share this post


Link to post
Share on other sites

I just use MalwareBytes and Spybot S&D while occasionally downloading the free version of Avast and running it. Honestly AVs use up too many resources to leave them installed permanently given their limited utility beyond what MalwareBytes and Spybot already do.


"You know, there's more to being an evil despot than getting cake whenever you want it"

 

"If that's what you think, you're DOING IT WRONG."

Share this post


Link to post
Share on other sites

I just use MalwareBytes and Spybot S&D while occasionally downloading the free version of Avast and running it. Honestly AVs use up too many resources to leave them installed permanently given their limited utility beyond what MalwareBytes and Spybot already do.

Seriously? I hope you're using Linux or OSX then, because Windows is full of holes.


Exile in Torment

 

QblGc0a.png

Share this post


Link to post
Share on other sites

 

I just use MalwareBytes and Spybot S&D while occasionally downloading the free version of Avast and running it. Honestly AVs use up too many resources to leave them installed permanently given their limited utility beyond what MalwareBytes and Spybot already do.

Seriously? I hope you're using Linux or OSX then, because Windows is full of holes.

 

Not really. Or rather, most of the holes in 7 are only exploitable because of PEBKAC. And those that aren't are easily picked up by Spybot and MalwareBytes


"You know, there's more to being an evil despot than getting cake whenever you want it"

 

"If that's what you think, you're DOING IT WRONG."

Share this post


Link to post
Share on other sites

I THINK I was wrong about it being in Skyrim, as I ran a full scan with MCAfee and came up with a warning on a file located in the heavily modded version of FF7.  However they did warn users about that ("artemis" something), so I'm sitting on the fence as it could have been a clever way of politely smiling while stabbing victim in back. :getlost:

Share this post


Link to post
Share on other sites

I might disagree with Valsuelm about a lot of stuff, but I agree that the rules of keeping your crown jewel (PC) virus free are the same as keeping your family jewels virus free.

 

Wear an anti-virus condom. But also only interact with partners you trust. And get checked regularly.

 

I'm not sure what the rules are for dodgy software claiming to have put child porn on your PC. Personally I'd feel sorry for myself, then take the whole bloody thing out and burn it.

 

...Which beats your options if your family jewels get infected.

Edited by Walsingham

"It wasn't lies. It was just... bull****"."

             -Elwood Blues

 

tarna's dead; processing... complete. Disappointed by Universe. RIP Hades/Sand/etc. Here's hoping your next alt has a harp.

Share this post


Link to post
Share on other sites

The problem I have with antivirus is that they're always too far reaching, doing too much, not allowing you to downsize their role in governing your operating system. They usually have good reason for it, but as someone who has slightly more computer expertise than your average antivirus user, all I really want from an antivirus is Sandboxie combined with a basic, manually initiated scanner. I don't know of any antivirus that actually is just that...so I opt for not using one, and just using Sandboxie and my brain.  :getlost:

 

The last time I was infected was, ironically, about two years ago when I installed a mod tool for Baldur's Gate that was mentioned as a legit tool in some modding communities, but had trouble finding a working link to, and found one on some random file hosting site that I sadly did not test, not expecting some dummy to infect it. Before that was about 5, 6 years ago for some garbage my brother installed on my computer without my knowledge. So I think I do pretty well.  :)

Edited by Bartimaeus

How many fingers am I holding up, Winston?
 
How to Totally Remove Ignored Users from Your Obsidian Forums.

Share this post


Link to post
Share on other sites

The problem I have with antivirus is that they're always too far reaching, doing too much, not allowing you to downsize their role in governing your operating system. They usually have good reason for it, but as someone who has slightly more computer expertise than your average antivirus user, all I really want from an antivirus is Sandboxie combined with a basic, manually initiated scanner. I don't know of any antivirus that actually is just that...so I opt for not using one, and just using Sandboxie and my brain.  :getlost:

 

The last time I was infected was, ironically, about two years ago when I installed a mod tool for Baldur's Gate that was mentioned as a legit tool in some modding communities, but had trouble finding a working link to, and found one on some random file hosting site that I sadly did not test, not expecting some dummy to infect it. Before that was about 5, 6 years ago for some garbage my brother installed on my computer without my knowledge. So I think I do pretty well.  :)

 

I can see what you mean. But isn't this symptomatic of most computerised functions these days. The user isn't - can't be - aware of all the things being done on their behalf, even if they had authority to change them.

 

I reckon the way round it has to be the creation of an expert system or systems  which act as seneschals that talk to the user and implement their overall guidance. The trouble is that introduce that functionality and immediately most people will ****ing opt for the cheapest, and that one will by definition be the least loyal to their interests.


"It wasn't lies. It was just... bull****"."

             -Elwood Blues

 

tarna's dead; processing... complete. Disappointed by Universe. RIP Hades/Sand/etc. Here's hoping your next alt has a harp.

Share this post


Link to post
Share on other sites

The problem I have with antivirus is that they're always too far reaching, doing too much, not allowing you to downsize their role in governing your operating system. They usually have good reason for it, but as someone who has slightly more computer expertise than your average antivirus user, all I really want from an antivirus is Sandboxie combined with a basic, manually initiated scanner. I don't know of any antivirus that actually is just that...so I opt for not using one, and just using Sandboxie and my brain.  :getlost:

 

As I've already stated.

 

For AV I recommend NOD32. I've used almost all AVs at this point, and NOD32 is worth the $$. There are other AVs that are as good at detecting, but NOD32 is the least intrusive (uses least resources and updates seamlessly) and has the least false alarms in my experience (so many other AVs regularly have false alarms). If you shop for deals you can catch it for only $5/year for a single computer (that's what I've paid the last couple years on newegg), but even at the regular price I'd say it's worth it. Couple that with Malwarebytes, put yourself behind a router, use UAC (if you have vista, 7, or 8 ) and you'll be protected from most things with very few false alarms.

 

NOD32 is also quite customizable in what it does and doesn't do, and easily temporarily turned off all together if one so wishes for whatever reason.

Edited by Valsuelm

Share this post


Link to post
Share on other sites

I can see what you mean. But isn't this symptomatic of most computerised functions these days. The user isn't - can't be - aware of all the things being done on their behalf, even if they had authority to change them.

 

 

I reckon the way round it has to be the creation of an expert system or systems  which act as seneschals that talk to the user and implement their overall guidance. The trouble is that introduce that functionality and immediately most people will ****ing opt for the cheapest, and that one will by definition be the least loyal to their interests.

 

 

I'm not sure I quite understand. Can't be aware of all the things being done on their behalf? If you care to be aware, and prevent programs from acting out of line, I think can be pretty aware of what goes on most of the time on your own computer. I disable all auto-updaters (or firewall them if they can't be/won't listen), don't let programs runs all the time if I don't have a use for them running all the time, and generally know what everything currently running is for. The only thing I can think of that's "automatically" doing things is my defragmenter, but since that's mostly behind the scenes, that's fine.

 

Your second line makes me think of a sort of limited AI...man, I wish I were in the future. I'd totally let an AI run [on] my system if it listened to me and generally followed my policies while being a completely dope AI. :p

 

@Valsuelm: "Temporarily turned off"? That's the problem - it's just backwards from how it should be. The antivirus always assumes it should be turned on, when I have no need for it to be on all the time. "Temporarily turned on" is closer to what I'm looking for. :)


How many fingers am I holding up, Winston?
 
How to Totally Remove Ignored Users from Your Obsidian Forums.

Share this post


Link to post
Share on other sites

 

@Valsuelm: "Temporarily turned off"? That's the problem - it's just backwards from how it should be. The antivirus always assumes it should be turned on, when I have no need for it to be on all the time. "Temporarily turned on" is closer to what I'm looking for. :)

 

 

 

Why you'd want to leave AV off most of the time I don't know, but if that's what you want to do, you can just set NOD32 up that way. It has a very robust set of options, allowing one to enable or disable just about every aspect of it individually. Like all AVs though, it will need to load up when you start up your computer as like all AVs it needs to load before just about everything else does in order to work properly.

 

As I mentioned before, it's really unintrusive. I haven't had a false alarm or reason to disable it temporarily in months, and I go down dark interweb alleys fairly frequently.

 

It sounds to me like your experiences with AV are limited to bloatware like Norton or many of the free AVs, for which I can see why you'd want to turn it off most of the time. Like most of the better AVs, there's a free trial at their website if you ever wanted to check it out.

Edited by Valsuelm

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...