Jump to content


Photo

Virus Trojan


22 replies to this topic

#16 Kulyok

Kulyok
  • Members
  • 5622 posts
  • Gender:Female
  • Location:Moscow, Russia

Posted 13 February 2009 - 08:53 AM

Okay, I sent e-mails to AVG/Avira folks(virus at avg.com/avira.com), and submitted a report to Kaspersky team(though we're out of luck: RE_v4 was too big to attach, so I put a direct link instead; I'm afraid it won't work).

Kaspersky is a king of false positives, so, yes, another report won't go amiss.

Aaaand - yes, if you use TendMicro/F-Secure/others and it gives you a false positive(because I never used this software, I'm not sure I should report), please, give them a note, if you are a paid user.


Thank you again for the reports. Phew... I don't know, maybe should do this G3-ifying thing in the next version, after all?

#17 Kaeloree

Kaeloree

    beluga

  • Modders
  • 833 posts
  • Gender:Male

Posted 13 February 2009 - 02:23 PM

This topic might be helpful. We've had a few false reports as well.

#18 Kulyok

Kulyok
  • Members
  • 5622 posts
  • Gender:Female
  • Location:Moscow, Russia

Posted 14 February 2009 - 12:50 AM

Thank you - yes, saw this one, as well. If it's Weidu, we should probably let the_bigg know - maybe replacing Weidu 208 with the latest version will work?

#19 Alboy

Alboy
  • Members
  • 25 posts

Posted 14 February 2009 - 08:02 AM

I updated my AVG Virus yesterday & have 5 Trojan Horses they are all Agent.AYMl.
They are.

RE v4
Assassinations v5
Level 1 NPCs v1.1
Xan BG1 Friend v5
Bonehill v226 Patch

All of these were fine until l updated yesterday.
I sent the list to AVG & they sent back a email saying all files were detected correctly.

Has anyone any idea as to what is happening.

#20 Kulyok

Kulyok
  • Members
  • 5622 posts
  • Gender:Female
  • Location:Moscow, Russia

Posted 14 February 2009 - 10:32 AM

Yes, we do: http://forums.pocket...php?topic=26283

I have just replaced Weidu 208 with Weidu 210 in my mods(Xan, Xan BG1 Friendship, Assassinations). I've also asked to update RE; I'll post when the update is done.

#21 Kulyok

Kulyok
  • Members
  • 5622 posts
  • Gender:Female
  • Location:Moscow, Russia

Posted 16 February 2009 - 03:48 AM

Updated: Romantic Encounters is now based on Weidu 210; no false alarms now, I hope. Thanks to DavidW for updating!

#22 Ohpus

Ohpus
  • Members
  • 20 posts

Posted 21 July 2009 - 05:40 AM

The thought of getting a virus from a Romantic Encounter mod is just ironic.


Edit: After about a week of reinstalling my system I have narrowed down the trojan infection to when I launched BGII. Now granted, I use several mods, but I did not have an infection until I updated the mods I use. The recent verion of RE was one of them. So I wouldn't dismiss it as a false positive as quickly as they did in the beginning og the thread.

To be fair an online scan from windowsecurity.com can out like this:

F:\Archives\Software\Games\Mods and Patches\Baldur's Gate I\Modders\Gibberlings 3\NPC Portrait Pack\bg1npc_portrait_pack-v2.exe detected: Trojan-Dropper.Win32.Agent.apvg!A2
F:\Archives\Software\Games\Mods and Patches\Baldur's Gate II\Alternate Portraits\Gibberlings 3\plasmo_picks-v2.exe detected: Trojan-Dropper.Win32.Agent.apvg!A2
F:\Archives\Software\Games\Mods and Patches\Baldur's Gate II\Modders\Gibberlings 3\Amber NPC\amber-v2.5.exe detected: Trojan-Dropper.Win32.Agent.apvg!A2
F:\Archives\Software\Games\Mods and Patches\Baldur's Gate II\Modders\Gibberlings 3\P&P Celestials\pnpcelestials-v5.exe detected: Trojan-Dropper.Win32.Agent.apvg!A2
F:\Archives\Software\Games\Mods and Patches\Baldur's Gate II\Modders\Gibberlings 3\Totemic Cernd\totemic_cernd-v2.exe detected: Trojan-Dropper.Win32.Agent.apvg!A2
F:\Archives\Software\Games\Mods and Patches\Infinity Engine Mods\Portraits\Gibberlings 3\plasmobg1bg2-v2.exe detected: Trojan-Dropper.Win32.Agent.apvg!A2


...so perhaps its just by chance RE is not "IT" this time. I really didn't expect it to be in P&P Celestials or Amber.

Edited by Ohpus, 09 August 2009 - 08:50 AM.


#23 DCB

DCB
  • Members
  • 11 posts

Posted 16 July 2010 - 04:52 AM

I noticed this has suddenly been flagged in the latest update of ESET which seems fairly random given that it hasn't complained about it in the last year or more it was sitting there.



Reply to this topic



  


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users