Virus in PiTool 121 (and 129)

pitool

#1

Just downloaded and installed PiTool Beta 121. First off the link was bad on your page, you had a trailing space which caused an issue, removing the space allowed the file to download. (the link had a %20 at the end).

Also, during the install Windows alerted me to a virus. It identified Trojan:Win32/Fuery.B!cl in the following file: C:\Users\user\AppData\Local\Temp\is-OBJ55.tmp\pvr_oc_support_setup.exe

It quarantined the file so hopefully I was not burned by this.


#2

That is a false flag; it was discussed, as a couple of users using Bitdefender also had this issue.


#3

What antivirus software are you using?


#4

Will the removed quarantined file affect the install at all? I ran PiTool and everything seems fine so far.

@TrevorVR I am using the built-in Windows 10 Defender thing. No 3rd party tools here.


#5

I can’t say overall. But the removed filename suggests you won’t be able to run Oculus titles directly through pitool.


#6

Now that is strange. I use Windows’ built-in virus checker & didn’t have any warnings on install. Will need to take a deeper look (don’t have Oculus Home installed).


#7

Is there anything from Pimax that says it’s a false positive? I see others who noted it, but I haven’t seen an answer from @PimaxUSA


#8

No Pimax official, no. Just community results. But yeah, Pimax should be the ones to make a real statement.


#9

Thanks, I’ll keep digging.


#10

Or alternatively… all of us Pimax users have exposed our PCs to hackers who will encrypt all files in our network and hold all our data as ransom for bitcoins.


#11

I’ve uploaded the temporary pvr setup files to a virus threat testing site, not a clean bill of health but it’s only a few scanners which believe something nefarious is going on.

https://www.virustotal.com/#/file/5b31ce8db7cf8286babb3780cb32e4d38fd4830f0e50a6d015c8b6091b32ee1c/detection
https://www.virustotal.com/#/file/9b7a7722b8aeafb581928e850d4cfa38219f4a9d67871aaa48e5886ac0123d54/detection
https://www.virustotal.com/#/file/09a78f8dd39c1360e81866f582f1196ed8d17de6429eaecfc9c917c45a55ac79/detection
https://www.virustotal.com/#/file/fbf87a93fb95feb5682213460650d5fbe5197523c580e7809551d2a23b83fcb4/detection

Doesn’t make me sleep better at night but fingers crossed.


#12

I don’t understand why Pimax won’t address it once and for all. I did create a support case, so let’s see how it pans out. It’s not a good look to trigger virus alerts all over the place. And to all those who say “pffft, non-issue”, remember that Asus’ update was hacked and installed malware. So it’s not as if it’s out of the realm of possibilities. Come on @PimaxVR & @pimax & @PimaxUSA, can you publicly address it? Or contact the AV manufacturer to get it off the false positive list?


#13

I don’t say “pffft”, but folks having very different results in, say, Windows Defender could suggest a hitchhiker affecting a user’s download, maybe?

So if, say, you install it & get a virus warning & I install it without warning, then where did your infection come from if it installed clean with both systems using the same Windows & AV, both at current update state?

But yes, one should be concerned about a virus warning.


#14

Pimax should address this issue, each case is potentially something customer support has to deal with, so it should be in their own interest.

The installation software is signed; man-in-the-middle attacks are extremely difficult unless somebody stole the key and is interspersing their own version when downloads occur. That can be pretty much ruled out, it’s just too complicated, but hardly anybody verifies the checksum of the executable and Pimax doesn’t provide the checksums.

If it’s not a false positive, most likely an already compromised system is unreliable at identifying threats.
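
An added example, not part of the thread: one way two users could check whether they received byte-identical files, by comparing a local SHA-256 against the hashes embedded in VirusTotal report links of the form posted in #11. The function names and the sample file are constructed for illustration.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Report-link shape used in post #11: .../#/file/<64 hex chars>/detection
VT_LINK = re.compile(r"virustotal\.com/#/file/([0-9a-fA-F]{64})/detection")


def sha256_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so large installers are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def hashes_from_links(text):
    """Return the lowercase SHA-256 values found in VirusTotal report links."""
    return [h.lower() for h in VT_LINK.findall(text)]


def match_against_reports(path, link_text):
    """Return (local_hash, True/False) for whether any linked report is this file."""
    local = sha256_file(path)
    return local, local in set(hashes_from_links(link_text))


def demo():
    # Constructed stand-in for a downloaded installer; not a real PiTool file.
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp) / "sample_setup.exe"
        sample.write_bytes(b"constructed installer bytes")
        good = sha256_file(sample)
        links = (
            "https://www.virustotal.com/#/file/" + "0" * 64 + "/detection\n"
            "https://www.virustotal.com/#/file/" + good.upper() + "/detection\n"
        )
        _, same = match_against_reports(sample, links)
        # One appended byte stands in for a corrupted or altered download.
        sample.write_bytes(b"constructed installer bytes\x00")
        _, altered = match_against_reports(sample, links)
        return good, same, altered


if __name__ == "__main__":
    print(demo())
```

A match only shows the local file is the same one that was scanned; it says nothing about whether that file is clean.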


#15

Truth, anything is possible at this point. Smooth install, no problems with Windows Defender.


#16

Spying on your population is just too difficult and can pretty much be ruled out.
Oh, hello Mr Snowden.

Relates a little to ‘a Chinese Government backed Chinese company wants unfettered access to my PC… sure, what could possibly go wrong?’ (Although I admit we’re no worse off whether NSA or China has all our data.)

People sure are very easy to resort to ‘illegal attacks are difficult…and therefore won’t happen’. It’s only the new modern type of humans who don’t do difficult.