«

[TotalAnarchy]

Quote:

Originally Posted by notyetregistered

Code:

Comodo          1690          2009.07.18   UnclassifiedMalware
Fortinet        3.120.0.0     2009.07.18   MS06.004!exploit
McAfee          5679          2009.07.17   Exploit-MS06-004.gen
McAfee+Artemis  5679          2009.07.17   Exploit-MS06-004.gen
TrendMicro      8.950.0.1094  2009.07.17   TSPY_ZBOT.MCL

http://threatinfo.trendmicro.com/vin...=TSPY_ZBOT.MCL

Just so you know. Could be false alert, could be true.

I'm quite sick of running scans and installing different antiviruses every time one of you guys report a probably unexisting virus. Last Scan Result

[Skyfly]

Quote:

Originally Posted by TotalAnarchy

I'm quite sick of running scans and installing different antiviruses every time one of you guys report a probably unexisting virus. Last Scan Result

I would say that we're just being cautious, I was the first to post a malware report. I ran the zip through McAfee and I have cleaned out that 'malware' generating file. Can't someone upload the cleaned zip back here to prevent future posts of this nature (reporting malware in Dylan Dog)?

Microsoft should have patched up the exploit, so if you're keeping up with the Windows Updates, the malware should be kept in check.

[TotalAnarchy]

Quote:

Originally Posted by Skyfly

I would say that we're just being cautious, I was the first to post a malware report. I ran the zip through McAfee and I have cleaned out that 'malware' generating file. Can't someone upload the cleaned zip back here to prevent future posts of this nature (reporting malware in Dylan Dog)?

Microsoft should have patched up the exploit, so if you're keeping up with the Windows Updates, the malware should be kept in check.

Have you been able to play the game after cleaning this so-called malware?

[Skyfly]

Quote:

Originally Posted by TotalAnarchy

Have you been able to play the game after cleaning this so-called malware?

Yes, I am able to start main1.exe and I can play through the game. I don't know if I need to install the game in order to get the sound to work, I'm reluctant to try because it is in Italian.

[TotalAnarchy]

Quote:

Originally Posted by Skyfly

Yes, I am able to start main1.exe and I can play through the game. I don't know if I need to install the game in order to get the sound to work, I'm reluctant to try because it is in Italian.

Could you send me somehow the Secur.pal files that you can find in the "P" folders of both part 1 and 2? These files are probably responsable of the copy protection, so I don't think it has smth related to the sound.

[Skyfly]

Quote:

Originally Posted by TotalAnarchy

Could you send me somehow the Secur.pal files that you can find in the "P" folders of both part 1 and 2? These files are probably responsable of the copy protection, so I don't think it has smth related to the sound.

I took a minute to compare the cleaned zip with the 'detected' zip, there are two files that are removed, Ani1.ani, one in each folder Dylan1 & Dylan2.

It is the animated cursor file, and windows has been vulnerable to malware through the way it handles animated cursors. I don't know if this is a false positive or not, but removing these files doesn't seem to disrupt game play, though I don't know what the animated cursor looks like compared to the cursor I have been using.

The issue with the sound, since the instructions are in Italian, I'm not sure how to follow the directions, so I haven't tried, yet.

Do you need to install the game in order to configure the sound?

[The Fifth Horseman]

And you are sure it was an animated cursor?
LULZ.
I've seen the ANI extension associated with animated sprites (and animations in general) in older games.
Are there any other ANI files in the game directory?

[Skyfly]

Quote:

Originally Posted by The Fifth Horseman

And you are sure it was an animated cursor?
LULZ.
I've seen the ANI extension associated with animated sprites (and animations in general) in older games.
Are there any other ANI files in the game directory?

I'm not sure what it is, I'm only trying to be helpful. Those are the only .ani files in the archive.

There are only 2 Ani1.ani files, one for each directory, Dylan1 and Dylan2. The file is only 23KB. I assume it was for a cursor, but I don't know.

[TotalAnarchy]

Quote:

Originally Posted by Skyfly

I took a minute to compare the cleaned zip with the 'detected' zip, there are two files that are removed, Ani1.ani, one in each folder Dylan1 & Dylan2.

It is the animated cursor file, and windows has been vulnerable to malware through the way it handles animated cursors. I don't know if this is a false positive or not, but removing these files doesn't seem to disrupt game play, though I don't know what the animated cursor looks like compared to the cursor I have been using.

The issue with the sound, since the instructions are in Italian, I'm not sure how to follow the directions, so I haven't tried, yet.

Do you need to install the game in order to configure the sound?

What are you talking about? Using Trend Micro antivirus it detected only the secur.pal as viruses Can you please check with your antivirus the archive on HOTUD.org. If the results are also positive, then forget it. It's just the original files are detected as something else, and can do no harm to your computer.

[Skyfly]

Quote:

Originally Posted by TotalAnarchy

What are you talking about? Using Trend Micro antivirus it detected only the secur.pal as viruses Can you please check with your antivirus the archive on HOTUD.org. If the results are also positive, then forget it. It's just the original files are detected as something else, and can do no harm to your computer.

I was explaining what McAfee removed from the zip archive, the Exploit-MS06-004.gen... It is related to the Ani1.ani files.

My point isn't that they are problematic or potentially harmful - I don't know, it is that other people might come here to post warnings as long as those files are in the zip, so maybe someone can post a note on the download page to disregard the malware warning if they run McAfee or Fortinet or Comodo scans.

I don't have Trend Micro available, so I don't know what's going on there.