11 réponses à ce sujet

[Telljin]

The Patch for Dragon Age Origins have a virus reported by Avira Antivirus program, what should I do? Is it so or should it be considered false?

[pavachan]

From my experience, Avira is quite a touchy antivirus. I cant say if your file is really infected as i dont know where you got it from, but from my own experience, Avira reported threats where there were none quite a few times.

[Mishlof]

this was mentioned earlier and a Bioware tech actually responded it is safe to ignore, apparently there was a while back a dragonage.exe virus created (probably a torrent to lure people in) before game release.

[Darth Garrus]

Do you have a link for this answer from Bioware? I can´t find any explanation from them. I would love to know how to proceed. I also use Avira, and it´s still saying that the patch is a trojan.

[Valaskjalf]

If you're getting the patch directly from bioware, its most likely not a virus or trojan.

[Grizzly_UK]

I downloaded the patch directly from social.bioware.com/game_patches.php

Nothing nasty reported by Avast AntiVirus, installed the game and ran the patch yesterday, no problems at all. If you donwloaded from some other website, then there may be a risk, to be safe you could just download from the link I posted, if you're not sure about that, then just cursor over "My Games" in the menu under your avatar to open up the slide out menu where you'll see "Game Patches" listed, just click on that to go to the patches page.

[Lob Shephli]

I ran my AVG antivirus along with Adaware twice this week. First time i had a trojan before buying DAO then ran another one today with DAO installed for about a week and after the new patch with no problems. So its all clean from what i can tell.



Fantastic rpg by the way. Never had so much fun with dialogue before.

[Darth Garrus]

I think it´s a false positive. Avira is a great anti-virus, but can overreact sometimes. But what amazes me is that are no responses from Bioware about it, no correction (or solution), and nothing about the problem hundreds of people are having with the patch (the game not starting after its installation).

[Lob Shephli]

Just reinstalled Avira since AVG was acting finicky with UHARC files and false alarms. Just ran a test with Avira while in the shower and it came up with the patch also being detected as a trojan virus. So i let Avira remove the TR/Crypt.ZPACK.Gen2 Trojan started up DRAGON AGE ORIGINS and so far everything is fine with both my mage and dwarven characters. Hopefully that wasnt a dungeon i just deleted.

Heres the AVS scan log report if anyones interested:



Avira AntiVir Personal
Report file date: Monday, November 09, 2009 23:14

Scanning for 1878353 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : blu blah blu blu Charlie Brown
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : ?

Version information:
BUILD.DAT : 9.0.0.407 17961 Bytes 7/29/2009 10:34:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 7/21/2009 19:36:14
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 16:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 17:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 16:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 19:50:58
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 6/24/2009 19:50:58
ANTIVIR2.VDF : 7.1.6.160 5413376 Bytes 10/28/2009 19:41:44
ANTIVIR3.VDF : 7.1.6.210 427520 Bytes 11/9/2009 22:57:14
Engineversion : 8.2.1.61
AEVDF.DLL : 8.1.1.2 106867 Bytes 9/15/2009 21:58:02
AESCRIPT.DLL : 8.1.2.44 586107 Bytes 11/6/2009 22:32:20
AESCN.DLL : 8.1.2.5 127346 Bytes 9/3/2009 21:24:42
AERDL.DLL : 8.1.3.2 479604 Bytes 10/3/2009 04:15:48
AEPACK.DLL : 8.2.0.3 422261 Bytes 11/5/2009 20:21:24
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 6/17/2009 20:32:46
AEHEUR.DLL : 8.1.0.180 2093432 Bytes 11/6/2009 22:32:18
AEHELP.DLL : 8.1.7.0 237940 Bytes 9/3/2009 21:24:42
AEGEN.DLL : 8.1.1.71 364916 Bytes 11/5/2009 20:21:22
AEEMU.DLL : 8.1.1.0 393587 Bytes 10/3/2009 04:15:48
AECORE.DLL : 8.1.8.2 184694 Bytes 11/5/2009 20:21:22
AEBB.DLL : 8.1.0.3 53618 Bytes 10/15/2008 16:49:34
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 14:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 16:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 20:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 16:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 21:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 16:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 21:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 14:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 16:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 21:39:58
RCTEXT.DLL : 9.0.37.0 86785 Bytes 4/17/2009 16:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\program files\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\avira\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\antivir desktop\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, F:, G:, H:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Monday, November 09, 2009 23:14

Starting search for hidden objects.
'42238' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'AAWTray.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'schedhlp.exe' - '1' Module(s) have been scanned
Scan process 'TimounterMonitor.exe' - '1' Module(s) have been scanned
Scan process 'TrueImageMonitor.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'schedul2.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'AAWService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
33 processes with 33 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
[INFO] No virus was found!
Boot sector 'D:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
[INFO] No virus was found!
Boot sector 'E:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
[INFO] No virus was found!
Boot sector 'F:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
[INFO] No virus was found!
Boot sector 'G:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
[INFO] No virus was found!
Boot sector 'H:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '54' files ).


Starting the file scan:

Begin scan in 'C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\WINDOWS\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\system32\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\drivers\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
Begin scan in 'E:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
E:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Patches\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\DragonAge101a\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\DragonAge1.01a.exe
[0] Archive type: NSIS
--> ProgramFilesDir/daorigins.exe
[DETECTION] Is the TR/Crypt.ZPACK.Gen2 Trojan
Begin scan in 'F:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
Begin scan in 'G:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
Begin scan in 'H:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'

Beginning disinfection:
E:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Patches\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\DragonAge101a\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\DragonAge1.01a.exe
[NOTE] The file was moved to '4b59f6af.qua'!


End of the scan: Tuesday, November 10, 2009 00:12
Used time: 44:17 Minute(s)

The scan has been done completely.

18174 Scanned directories
401144 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
401141 Files not concerned
1659 Archives were scanned
2 Warnings
2 Notes
42238 Objects were scanned with rootkit scan
0 Hidden objects were found

Modifié par Lob Shephli, 10 novembre 2009 - 05:49 .

[CmdCool]

I downloaded the patch last Friday from the official sources and NOD32 detected nothing suspicious.

In fact there are several threads about this topic and only AVIRA is detecting false positive alarms.

AVG and NOD32 say that the file is clean.

[dragoaskani]

Its called a False Positive. Get used to it when using Avira.

[Lob Shephli]

dragoaskani wrote...

Its called a False Positive. Get used to it when using Avira.

But its a contradiction i tell ya! A contradiction!

Had to reinstall after removing the supposed infected file which also removed the DLCs in the process from my characters inventory. Ouchie...

I looked up the trojan in Avira's virus database and their is such a virus with the exact name. Probably like it was mentioned already something to do with a torrent site before the release of the game to direct others to the site etc.

Now to redownload my DLCs