Announcement

**Dark_Slayer** · 02-01-2009, 06:39 PM

wtf ?
I found the same trojan in the cbp3-vol1-uninstall.exe and in vol2. I've got the warning out of nowhere. I use antivir PE classic.

**MyOwnShadow** · 02-01-2009, 11:21 PM

Maybe this form of the virus only is detected by an updated virus definition file. Or, as it seems to be only Antivir, that detects it, it is a false positive after all.
At least it is not just me, who finds it...

**ford442** · 02-01-2009, 11:23 PM

i've encountered a few viruses that can spread to other EXEs on your HD - you pretty much just need to explore the folder and it will infect every EXE you browse to.. just in case you aren't aware this is a common complication..

**MyOwnShadow** · 02-01-2009, 11:32 PM

Maybe, but I scanned my computer and it was clean. Except for the uninstaller. Additionally: During this scan the antivirus also scanned the packed EXE and found it again only in the uninstaller within that package (being an EXE for itself). So I am quite sure, that file is the origin. IF it is a real virus.

**VACkillers** · 02-02-2009, 12:20 AM

Well i just thought i would test my files aswell just to give some clarification to some. I scanned both uninstall.exes for cbp1 & cbp2 and both scans Avast+Spybot have found nothing with them.

I'd be interested to know where you downloaded the CBPs from? and which servers you have been playing online aswell, they've obviously been modified somehow while you've been online is my guess, as i've never taken my UT3 online.

**FragTastic** · 02-02-2009, 02:40 PM

you can check any files you find suspicious at www.virustotal.com . They will run them thru 22 anti virus programs and give you the results for free. Ive used them when my AV has given me an infected msg i thought was untrue. However I download about 90% of community maps and I have never had an issue with viruses in maps, not even a false warning. Same holds for my large UT2K4 collection.

**commiecat** · 02-02-2009, 04:25 PM

Originally posted by MyOwnShadow View Post

Maybe, but I scanned my computer and it was clean. Except for the uninstaller. Additionally: During this scan the antivirus also scanned the packed EXE and found it again only in the uninstaller within that package (being an EXE for itself). So I am quite sure, that file is the origin. IF it is a real virus.

The easiest way to solve this would be to compare your file to one that is known to be clean. If the checksums are equal then it's a false positive and you should either let the AV company know, or the CBP people know so that they can at least provide a warning.

If the checksums are different then it could be a legitimate vulnerability and, again, I'm sure that the CBP folk would like to be aware.

**evilmrfrank** · 02-02-2009, 04:29 PM

If there is a virus in the CBP installers I can assure you it was not of our doing.

**drewtral** · 02-02-2009, 05:39 PM

I don't know if this will help ease your mind any, but over the last few days I've been getting false positives out the butt from a wide variety of programs, including Trojan Droppers. The .gen means generic, which means it probably isn't a virus but it is getting picked up by your Heuristic detection for having virus like tendencies.

It's not just you and I and none of us are using the same anti-virus software (though a shared resource of definitions could be possible.) All the same, it's probably nothing.

**DrFish** · 02-02-2009, 05:42 PM

One can never be too careful

**Haarg** · 02-02-2009, 06:45 PM

I put together in the installer, so I've been checking into this.
I downloaded Avira AntiVir Personal, configured it to high detection level, and had it update its definition files.
Product version: 8.2.0.337
Search engine version: 8.02.00.71
Virus definitions version: 7.01.01.216

Then, I downloaded CBP3 Volume 2 from BeyondUnreal using the FileFront mirror, verified that it had the correct MD5 hash, and installed it.

Scanning the installer, the installed files, and the uninstaller didn't detect any viruses.

**MyOwnShadow** · 02-02-2009, 08:18 PM

Haarg, I can verify your results.

The new VDF and search engine that was released today (i.e. your files) reports the quarantained files not as a virus anymore, but as "suspicious".
So probably after all it was nothing.

Sorry, everyone, I did not mean to start any panic. But if it had been a real threat, not warning you would have been worse, I think.

**DrFish** · 02-02-2009, 10:37 PM

happy end.. that's what counts

**Spoondog** · 02-02-2009, 11:49 PM

Glad to see this sorted out. Could you please stick a "[solved]" or something in the subject line for this thread?

**Zoë(Co30)** · 02-03-2009, 03:41 AM

As an aside... Antivir is a very good program, I use it myself. It's heuristics can go a little overboard sometimes, and it'll detect virus' that aren't there. That's why it's important to know the source of your downloads, and try to get even well known programs off the authors site, or recommended mirrors. You can double check files through several scanners at virustotal.com http://www.virustotal.com/

Announcement

Virus found in cbp-vol2-uninstall.exe

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment