Trojan in Melty Blood ReAct-English?

Let's talk about the port of the port of the port of the update of the port of the port of the update of the expansion of the game that will apparently never be awesome enough.

Moderator: Staffers

Trojan in Melty Blood ReAct-English?

Unread postby BettiePage » December 12th, 2007, 6:05 am

My virus scanner just popped up a window saying a "Threat Detected!"

the file is mbr-english.exe

Trojan horse Dropper.Agent.GBI
BettiePage
Totally hardly posted
 
Posts: 16
Joined: December 4th, 2006, 9:45 pm

Unread postby Message » December 12th, 2007, 11:16 am

Please provide information on your virusscanner. Brand, name, exact scanner version number, exact virus database version number.
User avatar
Message
Master of Bad Puns
 
Posts: 1845
Joined: October 25th, 2004, 6:27 pm
Location: Netherlands

Unread postby Mr. X » December 12th, 2007, 12:44 pm

Well, I just registered and I came across this... Just in time because the same thing happened to me :cry: The worst is tha the .exe file is "incomplete" or something so even if you just ignored the warning, you can't play. I tried uninstalling the game, re-installing it, and it's the same thing over and over. I even tried re-installing everything from scratch, which led to the lost of my entire record in the game (by the way, would be gratefull to know which file is the one to back-up to keep my progress and ending list and stuff safe :) . I'm guessing that we both use the same anti-virus, so here are my specs of the program:

AVG Free Edition 7.5.503
Database Version 269.17.1/1181

I'm using Windows XP SP2.
Mr. X
Posting more than n00bs
 
Posts: 20
Joined: December 12th, 2007, 12:37 pm

Thats right

Unread postby BettiePage » December 13th, 2007, 12:06 am

Sorry I do use AVG Free Edition and I did update to the most current update that day.

Also using Windows XP Home for the OS.
BettiePage
Totally hardly posted
 
Posts: 16
Joined: December 4th, 2006, 9:45 pm

Unread postby BettiePage » December 13th, 2007, 1:20 am

ok here are the details on my system currently...

AVG Free Edition
Program version: 7.5.503
Virus base: 269.17.1/1182

O/S: Windows XP Home SP2
BettiePage
Totally hardly posted
 
Posts: 16
Joined: December 4th, 2006, 9:45 pm

Unread postby Message » December 13th, 2007, 9:12 am

Alright, I can reproduce this. I will contact Grisoft and ask them to fix it.
User avatar
Message
Master of Bad Puns
 
Posts: 1845
Joined: October 25th, 2004, 6:27 pm
Location: Netherlands

Unread postby Mr. X » December 13th, 2007, 8:42 pm

Wow, like if we didn't have enough to thank you guys for :oops: By the way, the japanese mbr.exe also has the same problem, so I would believe that is a problem between AVG and ReACT, not specifically ReACT English. Hope it helps for something :wink:
Mr. X
Posting more than n00bs
 
Posts: 20
Joined: December 12th, 2007, 12:37 pm

Unread postby Message » December 13th, 2007, 9:28 pm

Mr. X wrote:By the way, the japanese mbr.exe also has the same problem

Yes, but only in the FT patch. The version on the CD is "clean". Will you believe that it's impossible to contact Grisoft's technical department if you don't have an AVG license? I had to send my report to their bloody sales department. >____>
User avatar
Message
Master of Bad Puns
 
Posts: 1845
Joined: October 25th, 2004, 6:27 pm
Location: Netherlands

Unread postby Mr. X » December 15th, 2007, 12:19 pm

Wai... What? The sales department? :shock: What the... By the way, a new update for the AVG, after 2 days :roll: I'll try installing ReACT and post here the results :wink:
Mr. X
Posting more than n00bs
 
Posts: 20
Joined: December 12th, 2007, 12:37 pm

Unread postby Message » December 15th, 2007, 3:39 pm

No, the file still regarded as infected. It may take a while before they fix this, especially considering the hackjob method I had to use to contact them.
User avatar
Message
Master of Bad Puns
 
Posts: 1845
Joined: October 25th, 2004, 6:27 pm
Location: Netherlands

Unread postby Mr. X » December 15th, 2007, 4:49 pm

Hackjob? :shock: I'm already picturing you as a hacker creating a false avg license account and sending the petition via a non existen mail :lol: Unfortunately I read your post after re-installing ReACT, because as you said it hasn't been fixed :cry:
Mr. X
Posting more than n00bs
 
Posts: 20
Joined: December 12th, 2007, 12:37 pm

Unread postby Euphemism » December 15th, 2007, 6:57 pm

This thread mentions how false positives should be reported to AVG. Apparently, the method is to upload it to some online virus scanner (haven't been able to get that to work yet, the server's overloaded), then if it clears, you submit an email to virus@grisoft.com, with the file attached in a password-protected archive. Might be faster than putting it through sales. Judging by the timestamps on the forum, it took less than 5 hours to get a reply.

Also, to get around the fact that AVG is cutting off your access to the files since they're regarded as trojans, you have to open up the command center and turn off the resident shield. That restores your access to MBR, and to other potential viruses on your hard drive ^_^. So make sure to turn it back on when you're done playing.

Edit: The online virus scan turns out these results for mbr-english.exe. Not sure if this is anything meaningful - google doesn't turn up any english results for them.
Code: Select all
A-Squared    Found nothing
AntiVir    Found nothing
ArcaVir    Found nothing
Avast    Found nothing
AVG Antivirus    Found Dropper.Agent.GBI
BitDefender    Found nothing
ClamAV    Found nothing
CPsecure    Found Troj.Dropper.W32.Agent.czj
Dr.Web    Found nothing
F-Prot Antivirus    Found nothing
F-Secure Anti-Virus    Found Trojan-Dropper.Win32.Agent.czj
Fortinet    Found nothing
Ikarus    Found Trojan-Dropper.Win32.Agent.czj
Kaspersky Anti-Virus    Found Trojan-Dropper.Win32.Agent.czj
NOD32    Found nothing
Norman Virus Control    Found nothing
Panda Antivirus    Found nothing
Rising Antivirus    Found nothing
Sophos Antivirus    Found nothing
VirusBuster    Found nothing
VBA32    Found Trojan-Dropper.Win32.Agent.czj
Euphemism
Totally hardly posted
 
Posts: 12
Joined: May 14th, 2007, 1:40 am
Location: Montreal

Unread postby Mr. X » December 15th, 2007, 8:46 pm

For what I could understand, it seems the antivirus programs listed there are finding 5 differente types of viruses in the .exe file :shock:
About disabling the resident shield, I actually did it before a clean install... the .exe files ended up the same way without even the "kinoko" icon :cry: When I clicked it, it says is not a valid file :? This reminds me when Norton detected a virus in a system file and ruined a lot of computers :roll:
Mr. X
Posting more than n00bs
 
Posts: 20
Joined: December 12th, 2007, 12:37 pm

Unread postby Message » December 16th, 2007, 12:05 pm

Actually I count only two different names there... Either way, you will need to disable your virusscanner every time you want to play the game, but that's definitely not a good idea. I suggest waiting until a fix is available.

Thank you very much for the info, Euphemism. I've sent another report to their official mailbox.
User avatar
Message
Master of Bad Puns
 
Posts: 1845
Joined: October 25th, 2004, 6:27 pm
Location: Netherlands

Unread postby Message » December 16th, 2007, 6:41 pm

Dear Sir,

Thank you for your e-mail.

Please let us inform you that the false positive detection of the file
will be removed in next virus database update.
AVG will not detect this file as a threat anymore.

In case of any other problem or question regarding AVG please feel
free to contact us.

Thank you.


Best regards,

Jan Brezina
AVG Technical Support

One down. That leaves CPsecure, F-secure, Ikarus, Kaspersky, Norman and VBA...

Edit: I've contacted the other companies as well. Unfortunately McAfee, PC Cillin and several other security suites are not included on http://virusscan.jotti.org/ . If anyone has problems with those programs, please let me know.

Edit2: A new AVG definitions file has been released, mbr.exe and mbr-english.exe are no longer recognized as infected. ArcaBit and FortiNet have updated their virus definitions as well. Sophos couldn't get any positive, false or otherwise, in their test labs. They assume the scanner used on that multiscan website is outdated.
Last edited by Message on December 17th, 2007, 1:00 pm, edited 3 times in total.
User avatar
Message
Master of Bad Puns
 
Posts: 1845
Joined: October 25th, 2004, 6:27 pm
Location: Netherlands

Unread postby Mr. X » December 16th, 2007, 7:44 pm

:P Now to wait for the update :lol: Thanks a lot Message :wink:
Mr. X
Posting more than n00bs
 
Posts: 20
Joined: December 12th, 2007, 12:37 pm

Unread postby Azhrarn » December 17th, 2007, 5:58 pm

new AVG update is here, and yay! it is fixed
Azhrarn
Totally hardly posted
 
Posts: 1
Joined: December 17th, 2007, 5:56 pm

Unread postby Curry-senpai » December 24th, 2007, 3:15 am

XP Home SP2
Mcafee virus scanner: 12.0.176
DAT version: 5191
Mcafee Firewall: 9.0.163
Melty Blood ReAct English: 1.7

My scanner has never thrown virus alert for mbr-english.exe but the firewall did pop up an alert once that the program was trying to make a connection to the internet. I don't know if this fits with the topic but I thought that I would mention it any always.
Curry-senpai
Totally hardly posted
 
Posts: 3
Joined: August 20th, 2007, 9:46 pm

Unread postby Message » December 24th, 2007, 8:32 am

Curry-senpai wrote:My scanner has never thrown virus alert for mbr-english.exe but the firewall did pop up an alert once that the program was trying to make a connection to the internet. I don't know if this fits with the topic but I thought that I would mention it any always.

That is very interesting... It's not supposed to, as far as I know. Has anyone else ever noticed this?
User avatar
Message
Master of Bad Puns
 
Posts: 1845
Joined: October 25th, 2004, 6:27 pm
Location: Netherlands

Unread postby noradseven » January 2nd, 2008, 5:41 am

problem #1 its free virus security
problem #2 its a windows thus prone to unknown gliches for no reason
problem #3 most software is overprotective, normally when this appears I back up my computer check the file out then run it never had a problem it turns out 80% of the time its not a virus its normally just a glich but occasionally it can be real so be careful guys,

#1 solution to not get viruses do not get illegal downloads EVER.
User avatar
noradseven
Might just like this board
 
Posts: 49
Joined: December 5th, 2007, 5:33 am
Location: Next to my computer.

Next

Return to Melty Blood Chat

Who is online

Users browsing this forum: No registered users and 1 guest