Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Executable is Flagged by Multiple Antiviruses #126

Open
MEESTERSoupCan opened this issue Sep 7, 2024 · 4 comments
Open

Executable is Flagged by Multiple Antiviruses #126

MEESTERSoupCan opened this issue Sep 7, 2024 · 4 comments

Comments

@MEESTERSoupCan
Copy link

I tried running the executable, but my Antivirus (Malwarebytes) blocks it and labels it as malware. Checking it through VirusTotal causes 32 of the 75 Antiviruses used in the check to Flag it as Malicious, with the overall consensus between them calling it a Trojan. As nice as it would be to be able to watch videos in GMod, I can't trust something that scores THAT low on the website.

@WinterPhoenix
Copy link
Collaborator

It's a well-known false-positive with PyInstaller, which we use to build our release executables. See https://github.com/pyinstaller/pyinstaller/blob/develop/.github/ISSUE_TEMPLATE/antivirus.md

This project is open source so you can review what our code is doing.

If you're worried that the release executable we build is infected

The build process for the executables (except for macOS, due to the unique nature of DMGs) can be found here:
https://github.com/solsticegamestudios/GModCEFCodecFix/blob/master/.github/workflows/main.yml

If you don't trust the release executable anyway

Download Python, install the requirements with pip, and run the GModCEFCodecFix.py script yourself.

For Windows: Follow the instructions on Step 4/4 of the Fix Media Guide: https://www.solsticegamestudios.com/fixmedia/windows/

For Linux:

  1. Open Terminal
  2. Install git, c++ compilation tools, and Python 3.8 or later. Usually available via the build-essential package. Ex. sudo apt install build-essential on Ubuntu
  3. git clone https://github.com/solsticegamestudios/GModCEFCodecFix.git
  4. cd GModCEFCodecFix
  5. pip install -r requirements.txt
  6. python GModCEFCodecFix.py

Note: On step 5, you may get error: externally-managed-environment if Python is included with your distro. If that happens, follow the instructions provided to create and use a python virtual environment ("venv") for GModCEFCodecFix. Make sure to use python from that venv when you go to run the script!

If you still don't trust GModCEFCodecFix or its patch files

Build Chromium Embedded Framework (CEF) and gmod-html yourself, and overwrite the files included with Garry's Mod with gmod-html's INSTALL output.

Instructions to do that, and the scripts we use to build CEF, are here:
https://github.com/solsticegamestudios/GModCEFCodecFix/tree/master/cef_build

@Ethorbit
Copy link

A Docker image is also an option for those with trust issues. This one installs from master branch and runs unprivileged with UID & GID defaulting to 1000.

@WinterPhoenix
Copy link
Collaborator

That's only a slight improvement over just running the Python script from Terminal. It does not address which of GMod's files we're patching and with what

@Ethorbit
Copy link

Ethorbit commented Dec 30, 2024

of course people who already trust it can run it directly in their terminal. It's a big improvement for people who don't trust it, as it will be prevented from accessing anything outside the specified volumes. That was my point. With a container, you give it only what it needs to patch gmod and that's it.

That being said, it's not necessary to containerize and I only suggested it for the paranoid people.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants