Announcement

Collapse
No announcement yet.

Virus found in cbp-vol2-uninstall.exe

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Virus found in cbp-vol2-uninstall.exe

    Today my antivirus software found the trojan "TR/Dropper.Gen" in the above mentioned file, that was part of the community bonus pack 3 volume 2 for UT3.

    This does not worry me too much, as I have not executed the uninstaller (neither have you, I suppose), but I think you should know.
    Also it might very well be a false alarm of my antivirus heuristic routine, but maybe you want to scan your file.
    No further viruses were found.
    I am not sure where I downloaded the bonus pack from, but I'm sure it was a common website.

    #2
    In this case, it is very important to know where you downloaded the file, because the CPB folks wouldn't put a virus in their pack.

    Comment


      #3
      Yes, but as I wrote, I don't remember. And I also would not accuse CBP-people of infecting their uninstaller knowingly. No way!
      I would not rule out the possibility of a false alarm by my antivirus. And as it was the only virus found on my computer, I am not too concerned.

      I just wanted to let you know that you can check your file. Just to be on the safe side.

      btw: the virus also can be found (or more precisely: is detected) in the packed file. So an infection af that file after it was installed is very unlikely.

      Comment


        #4
        That is not part of the real community bonus pack. The real bonus packs are zip files full of maps only. There are no exe files at all. Here are all the file names in the packs.

        cbp3_volume2_zip.zip
        Code:
        Archive:  /homedir/share/games/ut3/MAPS/cbp3_volume2_zip.zip
          Length     Date   Time    Name
         --------    ----   ----    ----
             9674  10-13-08 17:13   CBP3_Volume2_README.txt
                0  10-13-08 17:07   CustomChars/
         10889633  10-09-08 15:41   CustomChars/CatPack.upk
                0  10-13-08 17:07   CustomChars/KatPack/
             2768  09-03-08 05:36   CustomChars/KatPack/UTCustomChar.ini
                0  10-13-08 17:07   CustomChars/WarMachine/
             1619  10-09-08 13:54   CustomChars/WarMachine/UTCustomChar.ini
          9367993  10-09-08 15:41   CustomChars/WMachine.upk
                0  10-13-08 17:07   CustomMaps/
          7624292  10-07-08 02:17   CustomMaps/CBP3-TwilightInsur.upk
              667  10-13-08 16:06   CustomMaps/CTF-CBP3-Agonas.ini
         57880773  10-13-08 16:43   CustomMaps/CTF-CBP3-Agonas.ut3
           858380  10-13-08 16:43   CustomMaps/CTF-CBP3-Agonas_LOC_int.upk
              440  10-13-08 16:10   CustomMaps/CTF-CBP3-Arean.ini
         56305440  10-13-08 16:43   CustomMaps/CTF-CBP3-Arean.ut3
           829913  10-13-08 16:43   CustomMaps/CTF-CBP3-Arean_LOC_int.upk
              294  10-08-08 16:48   CustomMaps/CTF-CBP3-Krodan.ini
         57871234  10-13-08 16:44   CustomMaps/CTF-CBP3-Krodan.ut3
           777322  10-13-08 16:44   CustomMaps/CTF-CBP3-Krodan_LOC_int.upk
              829  10-13-08 16:12   CustomMaps/CTF-CBP3-Morgoth.ini
         48628972  10-13-08 16:44   CustomMaps/CTF-CBP3-Morgoth.ut3
           970275  10-13-08 16:44   CustomMaps/CTF-CBP3-Morgoth_LOC_int.upk
              447  10-13-08 16:16   CustomMaps/CTF-CBP3-TheExcavation.ini
         48298474  10-13-08 16:44   CustomMaps/CTF-CBP3-TheExcavation.ut3
           886366  10-13-08 16:44   CustomMaps/CTF-CBP3-TheExcavation_LOC_int.upk
              460  10-13-08 16:18   CustomMaps/CTF-CBP3-Vengeance.ini
         50572539  10-13-08 16:45   CustomMaps/CTF-CBP3-Vengeance.ut3
           859427  10-13-08 16:44   CustomMaps/CTF-CBP3-Vengeance_LOC_int.upk
              310  10-13-08 16:26   CustomMaps/DM-CBP3-Decay.ini
         60163460  10-13-08 16:45   CustomMaps/DM-CBP3-Decay.ut3
           249075  10-13-08 16:45   CustomMaps/DM-CBP3-Decay_LOC_int.upk
              367  10-13-08 16:25   CustomMaps/DM-CBP3-Solar.ini
         40410458  10-13-08 16:45   CustomMaps/DM-CBP3-Solar.ut3
           192579  10-13-08 16:45   CustomMaps/DM-CBP3-Solar_LOC_int.upk
              373  10-13-08 16:29   CustomMaps/DM-CBP3-Thor.ini
         44594793  10-13-08 16:46   CustomMaps/DM-CBP3-Thor.ut3
           587786  10-13-08 16:46   CustomMaps/DM-CBP3-Thor_LOC_int.upk
         28060229  10-13-08 16:43   CustomMaps/SSRygar.upk
              438  10-13-08 16:33   CustomMaps/WAR-CBP3-Meditation.ini
         57604110  10-13-08 16:46   CustomMaps/WAR-CBP3-Meditation.ut3
          2211149  10-13-08 16:46   CustomMaps/WAR-CBP3-Meditation_LOC_int.upk
                0  10-13-08 17:07   Script/
            16983  10-09-08 15:41   Script/KatPack.u
             6024  10-09-08 15:41   Script/WarMachine.u
         --------                   -------
        586736365                   44 files
        cbp3_volume1_zip.zip

        Code:
        Archive:  /homedir/share/games/ut3/MAPS/cbp3_volume1_zip.zip
          Length     Date   Time    Name
         --------    ----   ----    ----
          9054550  06-23-08 01:43   CBP3-AlterTek9.upk
          6879529  06-23-08 01:28   CBP3-AutumnSigh.upk
          8353179  06-22-08 23:06   CBP3-VeloCity.upk
             9464  06-23-08 01:58   CBP3_Volume1_README.txt
              818  06-22-08 22:56   CTF-CBP3-Touch.ini
         49531272  06-22-08 23:07   CTF-CBP3-Touch.ut3
           916934  06-22-08 23:06   CTF-CBP3-Touch_LOC_int.upk
             1336  06-19-08 14:06   DM-CBP3-August.ini
         38551311  06-23-08 01:27   DM-CBP3-August.ut3
              667  06-23-08 01:08   DM-CBP3-Endura.ini
         37142610  06-23-08 01:28   DM-CBP3-Endura.ut3
            84169  06-23-08 01:28   DM-CBP3-Endura_LOC_int.upk
              364  06-23-08 00:12   DM-CBP3-HongKong.ini
         31592707  06-23-08 01:39   DM-CBP3-HongKong.ut3
              437  06-19-08 00:20   DM-CBP3-IronMaiden2.ini
         51489463  06-23-08 01:42   DM-CBP3-IronMaiden2.ut3
            84245  06-23-08 01:42   DM-CBP3-IronMaiden2_LOC_int.upk
              385  06-22-08 23:00   DM-CBP3-Salvation.ini
         45067980  06-23-08 01:40   DM-CBP3-Salvation.ut3
           192575  06-23-08 01:40   DM-CBP3-Salvation_LOC_int.upk
              337  06-22-08 22:59   VCTF-CBP3-TheDig.ini
         49647432  06-22-08 23:13   VCTF-CBP3-TheDig.ut3
           999311  06-22-08 23:13   VCTF-CBP3-TheDig_LOC_int.upk
             1054  06-22-08 22:56   WAR-CBP3-Airlock.ini
         42786894  06-23-08 01:44   WAR-CBP3-Airlock.ut3
          2105251  06-23-08 01:43   WAR-CBP3-Airlock_LOC_int.upk
         --------                   -------
        374494274                   26 files

        Comment


          #5
          actually there is an installer that they released: cbp3_volume2_installer.exe

          Comment


            #6
            Yes, there were two versions: One with just the files and another with an installer. It is the latter I downloaded. For convinience I thought.

            Comment


              #7
              Great something else to worry about.

              Comment


                #8
                Yesterday, when I was playing on dFb Mattman Sucks, CBP3-TheDig was voted. I hadn't downloaded the map yet, so I did it right from the server. But I got the "UT3 Exe Needs to Close Error." When I tried to reconnect, I couldn't get back on the server. I did later though, so it seems like everything was working fine EXCEPT FOR THAT MAP.

                So DON'T vote for any of those maps then until this is all cleaned up.

                Comment


                  #9
                  There's nothing wrong with those maps and my uninstaller is clean.

                  Comment


                    #10
                    Originally posted by MyOwnShadow View Post
                    Today my antivirus software found the trojan "TR/Dropper.Gen" in the above mentioned file, that was part of the community bonus pack 3 volume 2 for UT3.

                    This does not worry me too much, as I have not executed the uninstaller (neither have you, I suppose), but I think you should know.
                    Also it might very well be a false alarm of my antivirus heuristic routine, but maybe you want to scan your file.
                    No further viruses were found.
                    I am not sure where I downloaded the bonus pack from, but I'm sure it was a common website.
                    Unfortunately I only have the .zip file. If someone else has the .exe then you can compare the file sizes and/or checksums to see if yours is different.

                    If it turns out to be a false positive by your AV software then you should let us know what AV you're using, the application's version number, and the virus definition version/date.

                    Comment


                      #11
                      I scanned it and found nothing

                      Comment


                        #12
                        My antivirus is "Avira Antivir Personal Edition". Search engine version 8.02.00.70, virus definition file 7.01.01.208.
                        Last update 01 Feb 09.
                        I just deactivated the search heuristic algorithm but still the file, which is in quarantaine now, is analyzed as "infected".
                        The file size is 454.136.222 Bytes.

                        More info about the virus:
                        http://www.avira.com/en/threats/sect...opper.gen.html

                        @Zzyzx: I don't think that there is any danger in playing the CBP-maps. Also on my computer the virus was in the uninstaller only and no further harm was done. Probably the UT-crash was due to something else.

                        Comment


                          #13
                          yea UT was saving you from the spawncamping mess that is the dig :P

                          the maps are fine, i have played them all with no crashes, might have been a random UT3 crash

                          Comment


                            #14
                            It is possable that the files been infected later on as i've had no problems with it. And yeah it happens I tried to get a new quake grahpics engine ages ago but the thing was virus invested again about every week because of hackers visiting the poor guys site. Took me ages to get a clean file off there. Alot of others complained about the virus that kept getting into that file as well.

                            Comment


                              #15
                              There are no perfect or even close to perfect AV programs. Most are pretty poor at detecting new stuff. Bottom line is that you really cannot trust AV software to find any NEW virus and you have to deal with false positives based on what the program looks for..

                              Windoze vulnerabilities stem from making it really easy so even a child can use it and requiring no user brain power at all. Skip the exe files and learn how to use the .zip and .rar files and you will be better off.

                              Comment

                              Working...
                              X