One Hour One Life Forums

a multiplayer game of parenting and civilization building

You are not logged in.

#1 2023-07-23 08:27:58

profilore
Member
Registered: 2023-07-23
Posts: 3

Anyone else get a trojan from the last update?

My windows defender found a trojan in OneLife.exe suddenly. Trojan:Win32/Bearfoos.B!ml. Anyone else this happen to, or is it just me?

edit: to clarify, after the virus was found, i deleted the game, downloaded it again. it was fine until the game loaded the updates, then it was suddenly infected again.

Last edited by profilore (2023-07-23 09:01:24)

Offline

#2 2023-07-23 13:01:37

Shady
Banned
Registered: 2023-07-04
Posts: 113

Re: Anyone else get a trojan from the last update?

If you have a download manager that could be the issue, just make sure it doesn't stay on your computer, according to the web it allows attackers to send commands into your computer for malicious activity.


I am Shady, I love exploring the internet.

Offline

#3 2023-07-23 13:10:43

profilore
Member
Registered: 2023-07-23
Posts: 3

Re: Anyone else get a trojan from the last update?

I downloaded straight from my link from jason's website.

Offline

#4 2023-07-23 16:15:31

selalov734
Member
Registered: 2021-06-01
Posts: 77

Re: Anyone else get a trojan from the last update?

Can you upload the file here: https://www.virustotal.com/gui/home/upload
and screenshot the result (if there is one)

Offline

#5 2023-07-23 17:25:16

profilore
Member
Registered: 2023-07-23
Posts: 3

Re: Anyone else get a trojan from the last update?

I deleted the files just in case, sorry. And after a reboot, i downloaded the steam version of the game, and the problem seems to have fixed itself. But if it comes back I will!

Offline

#6 2023-07-23 18:16:32

Shady
Banned
Registered: 2023-07-04
Posts: 113

Re: Anyone else get a trojan from the last update?

Somebody could have hacked into the website; it is marked as Not secure meaning it has no certificate.


I am Shady, I love exploring the internet.

Offline

#7 2023-08-03 08:51:32

DoubleDot
Member
Registered: 2023-08-03
Posts: 1

Re: Anyone else get a trojan from the last update?

selalov734 wrote:

Can you upload the file here: https://www.virustotal.com/gui/home/upload
and screenshot the result (if there is one)

I suddenly got the same problem today, but mine didn't resolve itself after reinstalling the game. I uploaded the file there, but most of the undetected-marks didn't fit in the screenshot.

bd64a7d8e67eda06b487dde126e6e7c7.th.png

Last edited by DoubleDot (2023-08-03 08:53:07)

Offline

#8 2023-08-03 12:12:13

jasonrohrer
Administrator
Registered: 2017-02-13
Posts: 4,805

Re: Anyone else get a trojan from the last update?

I got an email about this today.  I'm CC'ing my response here for others:

>>>>>>>>>>>>>>>>>>
Sorry for the confusion and trouble.

I'm guessing that it's a false alarm.  I build the Windows version on a relatively isolated PC that I never use for anything else (it's old and slow, and has nothing installed on it).  And nothing about that PC has changed recently (I've been building the Windows version in the same environment for 5+ years).

However, I'd like to check it out.

Can you send me the OneLife.exe file somehow?  Some email programs forbid attaching EXE files, so maybe you need to post to Google Drive and then send me a link to it?
>>>>>>>>>>>>>>>>>>>



Also, I found this:

https://superuser.com/questions/1416678 … -aml-virus

Apparently, once I verify that the application isn't actually infected, I can submit it to MS for whitelisting by Windows Defender.  Also, here's the list of types of software that MS will tend to flag:

https://learn.microsoft.com/en-us/micro … -worldwide

This includes software that downloads stuff.  And OHOL does this, of course, in order to download each weekly update.  And those downloads include EXE files (the update to the game itself).  Furthermore, the latest version of OHOL also downloads pictures while running (whenever you pick up a photograph to look at).

I've heard that even some Steam users are having this problem.  While the Steam version doesn't download anything itself (Steam handles the update stuff outside of the game), the code that handles this is still included.  And the picture-downloading stuff is still in there.

Offline

#9 2023-08-03 16:33:36

jasonrohrer
Administrator
Registered: 2017-02-13
Posts: 4,805

Re: Anyone else get a trojan from the last update?

I have verified that the OneLife.exe file that you have is exactly the same one that I uploaded from my clean-room machine.  It has not been tampered with by any third parties.

If you want to verify the OneLife.exe file yourself, you can use this tool:

https://emn178.github.io/online-tools/md5_checksum.html

The MD5 Checksum should be:

69fd65121c5dec63ed89ca2526c7d747


Thus, I think this is likely a case of Windows Defender being too aggressive after an update to Windows Defender itself.  Whitelisting with Windows Defender should be safe.

Note that after future updates, the OneLife.exe file will change, and that checksum will also change.  That checksum is valid for the current version only.

Offline

#10 2023-08-03 21:59:05

jasonrohrer
Administrator
Registered: 2017-02-13
Posts: 4,805

Re: Anyone else get a trojan from the last update?

Okay, I submitted it to Microsoft, and it got the all-clear.  Supposedly, it has been removed from Windows Defender now.

Instructions on how to update Defender are here:

https://www.microsoft.com/en-us/wdsi/su … 5bbb342d71

Offline

Board footer

Powered by FluxBB