
Thread: pokesav questions

    pokesav questions

    So I ran pokesav at virusscan.org, and this is the result:
    http://r.virscan.org/report/de5ab98e...171ab2395.html

    It seems that someone else had run a similar scan last month-ish.

    Here are the full results, in case you don't want to click the link:

    In case you don't have experience with services like virusscan.org: you upload a file, and they scan it using a bunch of industry-recognized scanners/heuristics and post the results on a single page.

    It is significant that a-squared actually identified the file as a hack tool: "HackTool.Win32.Poks!IK".
    Microsoft also did the same: "HackTool:Win32/Poks". In the context of antiviruses and antimalware, a hack tool is used to access remote machines, not hack Pokemon saves, in case anyone was confused. Anywho, "HackTool" isn't the part that is significant; the fact that a-squared and Microsoft actually have a name for this type of hack tool and they know it is related to Pokemon, hence the "Poks", is what really stands out. This means that this is an actual definition, not a heuristics result (an example of a heuristics result would be Comodo's result "unclassified malware").

    Interestingly, COM's Japanese versions (COM is who originally wrote pokesav http://pokesav.umimi.com/) are 100% clean, which is making me think that either the person that made the English versions is pulling shenanigans or the server is compromised and someone out there is uploading insecure files for everyone to download.

    I expect I'll get much hate from this post, but please know that this isn't a criticism of this site, the community, or even the admins, I'm just making the community aware of these scan results in case it didn't already know. I'd also like to point out that these scan results are not guaranteed to be 100% accurate. False positives do happen, but it is rare that so many false positives (13 different recognized scanners, including Comodo and Trend Micro) are produced by a single small file.

    Admins, if you do believe these to be false positives, it is actually really simple to contact these individual scanners and ask them to white-list you...just go on their forums and let them know--they'll have an analyst look at the file and white-list it if it is actually clean.

    tl;dr: scanned pokesav using a bunch of different scanners, a lot are claiming it to be a trojan/hack tool. This is a post to raise awareness, and bring these results to the admin team.
    Last edited by johnnygg; 12-10-2013 at 03:18 AM. Reason: grammar
