Mod Security

[Rabbit1251]

Not to look a gift mod in the mouth, if you take my meaning, but this question has been bothering me for quite some time now. Does the TESNexus screen uploads for malicious viruses or trojans before putting them up for adoption? Thank you for reading my inquiry.

 

 

Rabbit

[LHammonds]

IIRC, the archives are scanned with a virus scanner during the initial upload. I don't know if the servers manually scan all files on a regular basis or not. Only Dark0ne knows that answer.

 

However, a virus scanner will not detect a malicious .ESP plugin or joke mod. But this community is quite active and "problem" mods are quickly discovered and taken care of in a timely manner.

 

There are VERY few files uploaded that are even capable of being "infected" with a virus or trojan since they have to be EXE, COM, DLL or similar executable programs and I have yet to recall any uploaded file becoming infected AFTER it has been uploaded (e.g. being corrupted on the server side by a server-based virus).

 

If you suspect a program uploaded to the Nexus as containing a virus, I recommend that you upload that file to www.virustotal.com which scans the file using many current virus scanners (about 40). If the results show a high likelihood of the file being a virus (rather than a false-positive from a single vendor), then please use the REPORT feature on this site to alert the staff of the problem and your findings.

 

Thanks,

LHammonds

[Rabbit1251]

I always scan my downloads from here just to make doubly sure that all is kosher with them (as the Russians say, "Trust, but verify".), but some can occasionally slip by me without being scanned even so. I do remember a 'child' who not long ago uploaded a 'mod' here with a .bat file in it that hit at least one individual pretty badly. You just can't be too careful. Thank you for your response, my friend.

 

 

Rabbit

[LHammonds]

I always scan my downloads from here just to make doubly sure that all is kosher with them (as the Russians say, "Trust, but verify".),

Well, it certainly can happen since anti-virus scanners were designed to really only allow one active scanner at a time. Be sure to look at this page regarding the detection rate of a virus that ALL scanners find...which also implies how many viruses can pass individual scanners undetected.

 

but some can occasionally slip by me without being scanned even so.

None slip past unscanned on my system (I use Comodo Internet Security). All my files are also scanned weekly with the latest definitions to catch any "potential" viruses that have been undetected in the past with old definitions and buried in a non-active archive.

 

I do remember a 'child' who not long ago uploaded a 'mod' here with a .bat file in it that hit at least one individual pretty badly. You just can't be too careful.

I missed that one. Then again, I have not been nearly as active as I once was. I do not know the details of that case but poorly written BAT files can be just as damaging as a bad virus...even if they were not meant to be malicious. A simple typo of a variable to change a directory can have dire consequences depending on the following actions that "think" they are in the right folder.

 

Thank you for your response, my friend.

You're welcome.

 

LHammonds

[bben46]

I remember the malicious Bat file. it was a very simple exploit - the kind of thing you used to see in DOS.

Fortunately, MOST people looked at the bat file before trying to run it and saw the obvious malicious intent.

It was taken down and the poster banned in a short time.