back door virus warning

Discussion in 'The Temple of Elemental Evil' started by tom, Jun 13, 2008.

Remove all ads!
  1. Tyrannar

    Tyrannar Wanderer in the dark

    Joined:
    Jan 3, 2008
    Messages:
    85
    Likes Received:
    0
    BINGO! Mine too, i had to disable it to be able to run ToEE.exe
     
  2. Greylan

    Greylan Established Member

    Joined:
    Aug 17, 2007
    Messages:
    100
    Likes Received:
    0
    To give an update, my Avast home edition 4.8 just did the same for me finally. I imagine it's a false positive, but I doubt Avast will fix it given the fact that there's not tons of people reporting it as a problem. :(
     
  3. kinddrow

    kinddrow Member

    Joined:
    Jul 10, 2008
    Messages:
    1
    Likes Received:
    0
    I too have Avast v 4.8 and it found the GcW file to be infected. I really doubt that it is, and so I have blocked it by going to On Access Protection Control -> Standard Shield -> Customize - > Advanced -> Add at the bottom, and added the toee.exe file directly to that list. That has allowed the game to run without turning off the AVG.
     
  4. coreyh2

    coreyh2 Member

    Joined:
    Jul 17, 2008
    Messages:
    1
    Likes Received:
    0
    I sent the file and a email to avast and got this back.


    Sir,
    although the file has been patched, it does not contain any malware. avast! is wrong reporting it, and we are sorry for the mistake and all troubles it might cause. It will be fixed by the next avast! update.

    David Podracky - equipe de soutien avast!
     
  5. maggit

    maggit Zombie RipTorn Wonka

    Joined:
    Oct 20, 2005
    Messages:
    1,945
    Likes Received:
    0
    That's great news! Thanks for reporting this here!
     
  6. Zebedee

    Zebedee Veteran Member Veteran

    Joined:
    Apr 2, 2005
    Messages:
    1,755
    Likes Received:
    0
    Just got AVG 8. Seems like the auto-scan feature functions the same as Norton and will probably result in the same problems unless disabled either in the AVF control centre or your version of ToEE doesn't really care any more about copy protection. Anyone having troubles with the Frontend using AVG 8?
     
  7. Half Knight

    Half Knight Gibbering Mouther

    Joined:
    May 16, 2007
    Messages:
    2,148
    Likes Received:
    1
    You don't know what you're getting into, Zeb.

    Just disable the "resident shield" feature (it should turn from green to red).
    That'll let you work without problems, but you'll get one of those annoying "ME ME ME" pop up from AVG, announcing mayhem, chaos, death and famine cos you resident shield feature is off.

    In my case, ToEEFE won't start if you have "resident shield" active, since this feature scans every file you open and/or close, FE detects the usual error of "being used or interferred" and won't open. If it happens once, you need to rebbot, cos FE will still throwing the error even if you disabled the shield.

    Also, be careful, and check the vault periodically. AVG 8 has the friendly habit of cropping whatever file thinks it's dangerous and putting straigth there...and after a while it will dissapear if you dont restore it.

    It will detect the no-cd crack, (the dev_tep file) and not only will remove the crack itself, but also the .exe AND the .rar file called dev-tep. HA HA :chainsaw:

    It also detects certain system files from windows, and guess what? To the vault too. Those files seem to be of some importance (theyre .exe) cos, t'ill i've figured all this, lots of those files had been "vaulted" and lost, and now my install is crap.

    Sincerely, i cursed the day ive updated to 8. The previous was annoying, but this one is simply HEINOUS.
    *end of rant*
     
  8. thearioch

    thearioch Need More Cowbell

    Joined:
    Sep 16, 2007
    Messages:
    178
    Likes Received:
    0
    I just made Residence Shield exclude C:\Program Files\Atari -- we'll see what happens (burn AVG 8, burn).

    --thearioch
     
  9. Zebedee

    Zebedee Veteran Member Veteran

    Joined:
    Apr 2, 2005
    Messages:
    1,755
    Likes Received:
    0
    Thanks for the tips guys :) I figured something was up when I saw lots of virus warnings for things which I know are totally virus free. I know because I did them :doh:

    These permanently active scanners are bad news. Does anyone know if Avast uses them atm because I'm all up for changing my anti-virus now? At least AVG will be easier to remove than norton though :chainsaw:
     
  10. Half Knight

    Half Knight Gibbering Mouther

    Joined:
    May 16, 2007
    Messages:
    2,148
    Likes Received:
    1
    I knew someone had found the problem:

    That pretty much explains it. Even when Cuch's search wasn't for AVG, those false positives that mentions are exactly the ones that AVG found. I got those deleted by AVf***G along with other system files.

    Just remember to uncheck the box for "resident shield" and you'll be fine, at least to work with FE.
    But remember, whenever you do an AVG run, it will detect the system files and all the dev_tep files and throw them to vault (i'm repetitive with this, cos if you let it pass, it will delete ALL the related files, and you wouldn't know what's screwed)
     
  11. Gaear

    Gaear Bastard Maestro Administrator

    Joined:
    Apr 27, 2004
    Messages:
    11,038
    Likes Received:
    42
    Funny - I examined an older AVG virus scan log the other day and discovered that it had attacked the update utility for Adobe friggin' Reader of all things. What the hell happened to AVG? It's one of those predictably depressing things - once solid software suddenly goes belly up in the span of a single 'upgrade.' :shame:
     
  12. Zebedee

    Zebedee Veteran Member Veteran

    Joined:
    Apr 2, 2005
    Messages:
    1,755
    Likes Received:
    0
    Just a head's up....

    I've had my no-cd crack since it first came out for ToEE. No changes, no problems, no worries. No viruses.

    AVG 8 has been falsely reporting it as virus full ever since it installed itself. That was nonsense.

    Yesterday afternoon, someone hacked my wireless network and did put a virus on the no-cd crack. It's trashed my PC. Totally.

    I've lost my personalised version of ToEE (2 years of work gone. No back-up because I had the backup HD plugged in at the time heh), plus absolutely everything else.

    The malware slowed AVG down so that it couldn't keep up and then proceeded to repartition and reformat my HDs. My OS HD went from 80 gigs to a 600 meg partition. There must have been a flaw in windows firewall that they found, although it could be they malwared it as for the past couple of days it has been a little slow in activating. Impossible to say now.

    As I wasn't in at the time (mea culpa) I wasn't able to stop it.

    So I won't be using AVG 8 in the future :)

    edit: and the answer is 'yes, I did cry. Like a baby.' :censored:
     
    Last edited: Aug 8, 2008
  13. RiskKiller

    RiskKiller Member

    Joined:
    Aug 10, 2008
    Messages:
    2
    Likes Received:
    0
    I have been testing the supposedly infected No-cd files.

    I configured my AVG to allow them to run and with the Front end the game ran fine. However my Firewall (COMODO Firewall Pro) intercepted a call from TOEE.exe to the Internet using TCPIP.

    TOEE.exe was trying to call 131.107.115.28 port 80.

    Which is Microsoft according to whatismyipaddress.com.

    General Information

    Hostname: crl.microsoft.com
    ISP: Microsoft Corp
    Organization: Microsoft Corp
    Proxy: None detected
    Type: Cable/DSL

    Geo-Location Information

    Country: United States
    State/Region: WA
    City: Redmond
    Latitude: 47.6706
    Longitude: -122.0685
    Area Code: 425


    Anyone have a clue about this.
     
  14. RiskKiller

    RiskKiller Member

    Joined:
    Aug 10, 2008
    Messages:
    2
    Likes Received:
    0
    I just checked a different version of the file from a different download and TOEE.exe made the same attempt to connect.
     
  15. Zebedee

    Zebedee Veteran Member Veteran

    Joined:
    Apr 2, 2005
    Messages:
    1,755
    Likes Received:
    0
    It might be that some versions of the crack did have a virus? I've just downloaded a safe version and Avast and Spybot have found no problems.

    Odd one - because I thought that was the version of the crack I'd had all along. Hmmm. :paper:
     
Our Host!