About that trojan alarm in MobMap

Monday, March 31. 2008
So now it has happened to MobMap, too: the heuristic algorithms of a virus checker program thought they had found a trojan horse named "trojan-PSW.Win32.WOW.arr" in the MobMap installer file.

The virus scanner was the one from Kaspersky Labs. Though no other virus scanner (besides those which use the Kaspersky engine) found anything suspicious in the MobMapInstaller.exe, the alert from one of those programs, together with the fact that a trojan horse with this name actually exists, alarmed quite a few people and made them suspicious. Given that WoW is one of the top-priority targets for account theft all over the world, this is a perfectly normal reaction, even though heuristic algorithms are known to produce way more false alarms than signature-based virus checks.

But thanks to Regnor from EU-Rexxar, who quickly sent the warning in to Kaspersky for further analysis, we can be certain that there is no trojan hidden in the MobMap installer file:

Hello,

MobMapInstaller.exe

We are sorry, it is a false alarm. It will be fixed as soon as possible. Thank you for your help.

Please quote all when answering.

--
Best regards, XXX
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/


Kaspersky has reacted quite fast and updated their virus signature files. I ran the MobMapInstaller file through the Kaspersky scanner myself last night, and the scanner didn't find the mysterious trojan anymore. To be as secure as possible, I also ran a full system scan on my development machine last night with two different virus scanner programs (neither of them reported anything), and I checked my servers and especially the files that are stored for download for any signs of manipulation - but there were no signs to be found.

Of course, that still might not be enough to convince everybody that the MobMap installer file and updater are 100% virus-free. If you are one of those people, I'd suggest you manually download MobMap and the database from the MobMap website in the form of zip archives. These archives don't contain any executable programs where trojans could possibly be hidden; they consist only of Lua and XML files, which cannot contain trojans (or, to be precise: as of today there is no known way to inject malicious code into these files that could break out of WoW's UI runtime system; any good programmer can assure you that it is not entirely impossible that such a way is found one day).
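The claim that a downloaded addon archive holds only script and markup files can be checked before unpacking. The following Python code is an added example, not part of MobMap or its tooling: it reports every zip member that is not a Lua, XML or .toc file (allowing .toc is an assumption, the page names only Lua and XML), every member whose first bytes match a native executable header, and every entry path that would extract outside the target folder. The sample archives and their file names are constructed in memory.

```python
import io
import posixpath
import zipfile

# Assumption: the page names Lua and XML; .toc (addon manifest) is added here.
ALLOWED_EXTENSIONS = {".lua", ".xml", ".toc"}
# Leading bytes of common native executable formats.
EXECUTABLE_MAGIC = {b"MZ": "Windows executable", b"\x7fELF": "ELF executable"}


def audit_addon_archive(data):
    """Return a list of findings; an empty list means nothing unexpected."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            name = info.filename.replace("\\", "/")
            parts = name.split("/")
            # Entries that would extract outside the target folder.
            if name.startswith("/") or ".." in parts or ":" in parts[0]:
                findings.append(f"{name}: unsafe path")
            ext = posixpath.splitext(parts[-1])[1].lower()
            if ext not in ALLOWED_EXTENSIONS:
                findings.append(f"{name}: unexpected file type {ext or '(none)'}")
            # Inspect content as well, since an extension can be misleading.
            with archive.open(info) as member:
                head = member.read(4)
            for magic, label in EXECUTABLE_MAGIC.items():
                if head.startswith(magic):
                    findings.append(f"{name}: content looks like a {label}")
    return findings


def build_sample(members):
    """Build an in-memory zip from constructed sample members."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name, content in members.items():
            archive.writestr(name, content)
    return buf.getvalue()


# Constructed samples: file names and contents are made up for this example.
CLEAN = build_sample({"MobMap/MobMap.toc": b"## Title: sample\n",
                      "MobMap/MobMap.lua": b"-- sample\n",
                      "MobMap/MobMap.xml": b"<Ui></Ui>\n"})
SUSPECT = build_sample({"MobMap/MobMap.lua": b"MZ\x90\x00 constructed bytes",
                        "MobMap/helper.exe": b"MZ\x90\x00 constructed bytes",
                        "../outside.lua": b"-- sample\n"})

if __name__ == "__main__":
    for finding in audit_addon_archive(SUSPECT):
        print(finding)
```

An empty result only says the archive matches the expected file types; it is not a statement about what the Lua code itself does.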

I'd like to personally thank Regnor from EU-Rexxar here for sending that report to Kaspersky! Thanks to him, this entire thing was already fixed by Kaspersky when I saw the first trojan reports here in the comments.

[Edit] Now this is really funny: I just tried to log in to the WoW forums and got an error message. Then I logged into account management and found my WoW account to be frozen - which should not be possible, as I had a recurring subscription up and running which I have never cancelled. The last paid timeframe just expired this weekend, but instead of billing my bank account for another six months, Blizzard for some reason decided to freeze my account instead.

I first got a shock because I thought this had something to do with the trojan warning from Kaspersky (maybe someone reported the false positive to Blizzard as a "sure thing", which might cause them to freeze my account because it's no secret that I'm the author of MobMap). But it turned out that Blizzard just "forgot" to bill my bank account - after I had set up the subscription another time, my account was instantly reactivated. Phew...my raid participation tonight is safe again ;-)

MobMap v1.61 - out now!

Friday, March 28. 2008
Researching the mysterious "port freeze" bug was easier than I thought: the hint that Gatherer was affected pointed me directly to the one thing that Gatherer and MobMap have in common: they both use the Astrolabe library to display things on the minimap. And fixing this bug was even easier: the developer of Astrolabe, Esamynn, already knew that his library was freezing the client, and a fix was already available in his source code repository. Thanks Esamynn!

And the problem at line 599 was rather simple to fix, too, so I decided to release v1.61 with these crucial fixes immediately. It's online for you to grab via the MobMapUpdater or the manual download!

Confirmed Bugs in 1.60...

Friday, March 28. 2008
Okay, so there seem to be some problems with MobMap since patch 2.4:

- Multiple users reported that MobMap would cause their game to freeze completely when teleporting across continental (and therefore physical server) boundaries. However, some reports indicated that this phenomenon has been observed with other addons as well. While most of the users don't seem to exhibit this bug, there definitely seems to be a problem, and I'll look into it and try to find the source.

- MobMap seems to crash sometimes when visiting a vendor (judging from the error message I suppose that it is a vendor with items which the player doesn't already have in its local item cache) and produces an error message: ...\AddOns\MobMap\MobMap.lua line 599: attempt to concatenate local 'itemTexture' (a nil value). This one should be easier to pin down, so it's of course going to be fixed.

I think I'll combine those fixes (and fixes for any problems that might still arise during the next days) in an improved release 1.61.

I fucked up...

Thursday, March 27. 2008
Character encodings are a real PITA.

Earlier today, I improved the MobMap parser backend that parses the uploaded data to gain some more speed in order to be better able to cope with the spike of data that's currently being uploaded. Those were pretty simple and straightforward improvements; I did a quick test to see if they worked, and they worked perfectly. So I pushed the software onto the server and kicked it off.

Some hours later I noticed a lot of garbage in the German MobMap database. It turned out that the parser program was messing around with the German umlauts, inserting question marks instead of the umlauts all the time - and it had already been doing that for hours! Half of the German MobMap database was pretty much fucked up by this.

Of course I didn't intend this behavior - it was the result of me developing my optimizations on a new Linux-based notebook, where I had to install Eclipse (the premier Java development environment) and check out the source code from my repository first because I hadn't developed anything on this machine yet. While doing that, I missed one important detail: I should have set the encoding setting for the parser source file (for some reason the Linux and Windows versions of Eclipse behave differently in that matter, so you sometimes have to manually set the encoding you want if you do work on both platforms). I forgot that, and Eclipse messed up the Umlauts in the file without me noticing it - the file did of course compile fine, and it ran without any problems. Until I noticed this growing pile of garbage in the database...

OH SHIT! I pulled the emergency brake, shut down the whole thing (including the web frontend - that's why the MobMap site was inaccessible for a few hours) and inspected the mess. It was pretty clear that cleaning this mess up would take way longer than recovering with a database backup and parsing the whole stuff again. So I took the backup route.

The backup is in place now, and everything does at least seem to work again. However, this backup didn't include any of the new already-parsed patch 2.4 content :-( so please don't be surprised that the MobMap database that's online for download now is missing all that stuff. I'm working to get the parser up and running again (and this time without messing up the whole database!) and hope to be able to create the first MobMap database files with the patch 2.4 stuff soon.

MobMap v1.60 - ready for patch 2.4

Wednesday, March 26. 2008
While the realm servers are coming online with patch 2.4 in the US (and in about 10 hours in Europe, too), grab the newest MobMap version which has just been released. It is not only updated for the new major patch, but it also contains a few minor changes and improvements.

v1.60:
- fixed: Interface version number changed for patch 2.4
- changed: The transparency setting for the dots on the world map has been replaced by configuration options for the outer and inner color of the dots. You can now customize colors and transparency this way.
- added: If a quest title quicksearch query results in multiple quests with the same title, you will now be able to cycle through those quests using two new buttons in the quest details window.

I hope there is no need for an immediate release of v1.61 - however, if you encounter any new problems, please report them in as much detail as possible.

MobMapUpdater v1.73

Sunday, March 23. 2008
A new version of the MobMapUpdater has just been rolled out via the auto update process. This update contains some changes in anticipation of the WoW patch 2.4 as well as a bugfix and some improvements.

The fix is for the old "MobMapUpdater in automatic mode preventing Windows XP from shutting down" bug. I've finally been able to reproduce this error (funnily enough, I managed to reproduce it in a virtual machine after I failed to reproduce it on several physical machines) and fix it afterwards. The MobMapUpdater shouldn't prevent Windows from shutting down anymore.

The improvements concern the data upload process. It should be more stable now (thus being less likely to block indefinitely) and the data is being compressed before being uploaded, which drastically shortens upload times especially on slower connections. I definitely should have implemented this compression way earlier, as the bzip2 compression ratio is simply phenomenal (like 1/5th to 1/10th of the original size) for the XML data format used to transfer the collected data.

As always: please report if there are any new problems with this update.

Problem in MobMap database update process

Monday, March 17. 2008
Currently there seems to be a slight problem in the database build process that's preventing the build from completing successfully. I'm already investigating this problem and hope to have it fixed as soon as possible.

[UPDATE] All right, got it. Updates can be downloaded again, and the parsing of newly uploaded data should be back to normal as soon as that 1.25 gigabytes of data that's been piling up is parsed.