Avast WEBforum

Other => Viruses and worms => Topic started by: amandapace on July 11, 2008, 02:48:51 AM

Title: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: amandapace on July 11, 2008, 02:48:51 AM
According to the BFG website, some antivirus programs recognize portions of their programs as a worm or trojan. What can I do about this? I can't open the game manager without having sirens go off, lol.
Each of the games (some downloaded yesterday, have already played once, some downloaded today - or tried to) gets a message like this:

C:\Program Files\Puzzle Hero\jzkpnzq.exe
Win32:Kolabc-CN [Wrm]
080710-0, 07/10/2008

The yellow and red message at the bottom of my screen usually says that such-and-such program has "a sample of Win32:Kolabc-CN [Wrm]" whatever that means.
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: bpgisme on July 11, 2008, 02:52:37 AM
Yeah, I've got the same problem.  I just bought a game from Big Fish yesterday and can't play it today thanks to this.   >:(
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: dreamyr on July 11, 2008, 03:00:06 AM
I've been having the same issue as well. I was able to get it to recognize my existing games (some from over a year ago were showing up overnight with virus warnings) but I'm unable to download anything from that site now.
Has anyone put in a ticket for this yet?
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: amandapace on July 11, 2008, 03:01:35 AM
I just tried to run one of the older games that I've had for a few months, and they got the same warning, so no game playing for me... :'(
I have no idea how to report it, lol. This is my first time having an issue!
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: dreamyr on July 11, 2008, 03:08:50 AM
When it happened to the first game I tried playing (I think this was maybe four days ago or so?) I uninstalled and reinstalled it and it ran fine. When I started having trouble with downloading new games tonight I tried loading another older game and got the same virus warning. After some fiddling around I was able to set it up to recognize the older games by choosing >Program Settings, >Exclusions, and then browsing my desktop and clicking off each of the existing games as exclusions. They loaded fine after that, but it still leaves us with the pink elephant of not being able to download new content.
BFG had a link on the help page suggesting that users getting that virus message try updating their virus software and re-attempting to install, but everything for my software is up to date and I'm still getting it.
If no one else has submitted a ticket I'll give it a try now. Now to deal with that great *bwa-WUMP!* message while trying it...
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: amandapace on July 11, 2008, 03:23:52 AM
LOL. Well, I don't have a single game on my computer that I didn't get from BFG, so I guess I'm out of commission for now. I guess I can play some trial from another site for now ::)
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: dreamyr on July 11, 2008, 03:25:41 AM
At least they make it possible to re-install purchased games if need be! Still, doesn't help us enjoy new product...
Hopefully the tech team isn't being bombarded with these tickets. I'd hate to spam them over it!
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: amandapace on July 11, 2008, 03:30:01 AM
For future reference, how do you submit an issue? I looked around on the website, then just came to the forums hoping for help, lol.
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: dreamyr on July 11, 2008, 03:32:32 AM
There's a link to submit a ticket on http://support.avast.com/
You'll need to make sure your email address is registered before you can submit anything. Even though I have the confirmation email from when I registered Avast last fall it wouldn't recognize my addy so I had to re-register. Took maybe five minutes from start to finish, so it's no big hassle.
And now I think I've grumbled at the 'puter long enough for the eve...hopefully there will be some tips or resolution tomorrow!
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: hoechst2003 on July 11, 2008, 03:36:37 AM
Wow, and I thought it was only on my PC today. I can't play ANY games from Big Fish. Played yesterday with no problem. Avast tells me I got a virus Win32:Kolabc-Cn (wrm)
What's going on? ???
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: amandapace on July 11, 2008, 03:52:41 AM
It seems to me that something in the most recent update doesn't work with BFG, so we just have to wait for tech support to figure it out. I'm gonna go try out some games from Yahoo or something, I guess. ::)
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: bpgisme on July 11, 2008, 03:55:33 AM
Yeah, I've tried everything plus reporting it and sending in the "suspect" files.  I guess that's it for tonight, darn it.  >:(

Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: johnmouse on July 11, 2008, 04:14:26 AM
My partner and I both got the same thing today.  All the BigFish exe files have somehow changed.  I put in a ticket to Avast on this.  Looks like a false warning probably due to today's automatic update.  I opened different applications and they all work fine.  Did a virus check and couldn't find anything that wasn't a BigFish game.

Looks like we'll all have to wait for Avast to fix it.  May have to play solitaire with REAL cards LOL!
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: amandapace on July 11, 2008, 04:20:41 AM
I doubt I even have a deck of real cards, lol!
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: supergran82 on July 11, 2008, 06:21:37 AM
Count me in as not accessing Big Fish also, and if it isn't fixed quick, I can see I will just be uninstalling Avast. I have only been trialing it for two days, and then this. Running other virus checkers online does not show a worm.
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: bpgisme on July 11, 2008, 07:24:28 AM
I'm not sure if they've updated Avast or if all my fiddling made it work, but I can play the games again!  Yay!
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: misak on July 11, 2008, 08:57:55 AM
False positive alert in "Big Fish Games" has been fixed in VPS 080711-0
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: amandapace on July 12, 2008, 03:45:50 AM
Thank you tech support!! ;D
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: Ratqueen on July 23, 2008, 05:53:50 AM
I just installed the latest virus definitions 080722-1, and I'm having what I believe is another false positive with one of my Big Fish Games: Mahjong Towers Eternity. The file flagged as having a Trojan is named nqnvbtr.exe (that's the file used to launch the game). Anybody else having this problem, and is this also going to be fixed in an upcoming update?

I scanned all my drives and this file was the only one flagged as having a virus. I quarantined it, then reinstalled Mahjong Towers Eternity from a fresh download off Big Fish's site, but aVast still flags it as having a Trojan.

Thanks for your help.
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: Lisandro on July 23, 2008, 04:54:51 PM
Ratqueen, to know if a file is a false positive, please submit it to VirusTotal (http://www.virustotal.com/xhtml/index_en.html) and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com. VirusTotal has a file size limit of 10Mb. Please mention in the body of the message why you think it is a false positive and the password used. Thanks.

Maybe you need to disable Hide protected operating system files (http://www.xtra.co.nz/help/0,,4155-1916458,00.html) and enable View hidden files and folders (http://www.bleepingcomputer.com/tutorials/tutorial62.html#winxp) to manage the file(s).

As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the 'a' blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button...
You can use wildcards like * and ?. But be careful, you should 'exclude' that many files that let your system in danger.
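
Added example, not part of the post above and not avast! code: a way to see how much a wildcard exclusion would exempt from on-access scanning before adding it, following the caution about wildcards. The wildcard semantics (fnmatch-style, `*` crossing backslashes, case-insensitive) are an assumption, and every path except the Puzzle Hero one quoted earlier in the thread is constructed for illustration.

```python
import fnmatch

# Constructed inventory: the first path is the one quoted in the thread,
# the others are invented for illustration.
FILES = [
    r"C:\Program Files\Puzzle Hero\jzkpnzq.exe",
    r"C:\Program Files\Puzzle Hero\uninstall.exe",
    r"C:\Program Files\Example Browser\browser.exe",
    r"C:\Windows\System32\svchost.exe",
    r"C:\Documents and Settings\user\Desktop\setup_download.exe",
]
FLAGGED = {FILES[0]}  # the file the scanner reported


def matches(pattern, path):
    """Case-insensitive wildcard match; '*' is assumed to cross backslashes."""
    return fnmatch.fnmatchcase(path.lower(), pattern.lower())


def exclusion_report(pattern, files=FILES, flagged=FLAGGED):
    """Return what a pattern would exempt from on-access scanning."""
    hit = {f for f in files if matches(pattern, f)}
    return {
        "pattern": pattern,
        "covers_flagged": flagged <= hit,     # does it unblock the game?
        "collateral": sorted(hit - flagged),  # everything else left unscanned
    }


def narrowest(patterns, files=FILES, flagged=FLAGGED):
    """Pick the pattern covering every flagged file with the least collateral."""
    reports = [exclusion_report(p, files, flagged) for p in patterns]
    usable = [r for r in reports if r["covers_flagged"]]
    if not usable:
        return None
    return min(usable, key=lambda r: len(r["collateral"]))["pattern"]


CANDIDATES = [
    r"*.exe",
    r"C:\Program Files\*",
    r"C:\Program Files\Puzzle Hero\*",
    r"C:\Program Files\Puzzle Hero\jzkpnz?.exe",
]

if __name__ == "__main__":
    for p in CANDIDATES:
        r = exclusion_report(p)
        print(f"{p}: covers={r['covers_flagged']} collateral={len(r['collateral'])}")
    print("narrowest:", narrowest(CANDIDATES))
```

Any exclusion added as a workaround should be removed once a fixed definition update arrives, since the excluded path stays unscanned until then.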
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: Ratqueen on July 24, 2008, 05:04:55 AM
Thanks for the information. I did as you suggested (had to exclude the file from aVast to be able to upload it to VirusTotal first -- it wouldn't let me otherwise).

I don't know what qualifies as a false positive, but the results are quite ambiguous, here:
http://www.virustotal.com/reanalisis.html?cf2b8ce6c683494df4ede733494f7e37

Should I still send you the file by email?

I really don't think this file contains a virus -- Big Fish Games certify that all their games are virus-free (and that's really to their own advantage too). I scanned all my drives which were found clean except for this file, and reinstalled the game from a fresh download. Yet, aVast still flags the newly-installed "certified clean" file as being a Trojan. I've been using this game for several months with no ill-effects. It was only flagged as a Trojan since July 11.

I'm also trying to understand how sending a file to VirusTotal for analysis determines whether a file really contains a virus or not. Is this only based on whether or not a large enough number of other antivirus programs flag it as such? From my end it looks like word of mouth science :) ('course, I'm no expert. I'm just saying).

I'll be glad to email the file to you as per your instructions if you think this may be helpful.

Thank you.

EDIT: Forgot to mention that the virus found in this file is win32: Trojan-gen {other}, which I read in another thread was a very common trigger for false positives...
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: Lisandro on July 24, 2008, 11:00:50 PM
Quote
I don't know what qualifies as a false positive, but the results are quite ambiguous, here:
http://www.virustotal.com/reanalisis.html?cf2b8ce6c683494df4ede733494f7e37

This link goes to nowhere...

Quote
Should I still send you the file by email?

It won't be bad (virus (at) avast (dot) com).

Quote
Is this only based on whether or not a large enough number of other antivirus programs flag it as such? From my end it looks like word of mouth science :) ('course, I'm no expert. I'm just saying).

It's not 100% sure, neither for positive nor for negative detection... but the more scanners you test, the more probability of taking the right decision, don't you think?
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: Ratqueen on July 25, 2008, 05:15:22 AM
Quote
This link goes to nowhere...

Sorry about the link. This is the correct link:

http://www.virustotal.com/analisis/ca9bd8a085a929d79c8246dae9087f1d

Not really sure what to do now, besides sending the file to aVast, if you think that would be useful.

Thanks.
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: Lisandro on July 25, 2008, 02:42:54 PM
Quote
Not really sure what to do now, besides sending the file to aVast, if you think that would be useful.

It does not seem to be a false positive... seems an infected file...
Maybe you could send it to virus (at) avast (dot) com in a password-protected zip archive.
In the email body you could mention the password used and a link to this thread.
Title: Re: Win32:Kolabc-CN [Wrm] in every game from Big Fish Games?!
Post by: Ratqueen on July 26, 2008, 04:51:43 AM
Quote
It does not seem to be a false positive... seems an infected file...

Mmh, I still think the file is clean.

May I ask what this virus win32: Trojan-gen {other} is supposed to do? I tried to look it up in the aVast virus database, but I can't find anything at all in there. Is this virus supposed to spread to other files on the infected system? What damage is it supposed to do? Because I've been running this supposedly infected file for months every day (and still running the game now), and it hasn't spread to any other files on my system, nor have I noticed any odd behaviors at all. Just wondering.

Quote
Maybe you could send it to virus (at) avast (dot) com into a zip passworded archive.
In the email body you could mention the password used and a link to this thread.

I will do that. Thank you.