
False trojan warnings


4 replies to this topic

#1 ghostdog

ghostdog
  • Modder
  • 556 posts

Posted 13 February 2009 - 10:48 AM

These last days there have been some reports about certain antivirus programs giving warnings about a trojan in my UI and other Weidu mods. They probably think that some code inside the weidu.exe is malicious, which of course is completely wrong. This has happened only recently and it's probably because of some misconception in the virus definition update of certain programs. All the files uploaded on this site have of course been checked for viruses and are clean. The false warnings seem to be happening with the older 2.08 weidu version (the one that I used for the mods).

I found some similar reports about false warnings here:
http://www.shsforums...mp;#entry436612
http://forums.gibber...showtopic=16687

I'm making this thread to make it clear that these trojan warnings are false.

If you downloaded a weidu mod from SHS and you receive a warning then I believe it's safe to ignore it and continue with the installation.



EDIT: this is the file that has been mistaken for a Virus: WeiDU.exe v2.08:

Attached Files


Edited by ghostdog, 14 February 2009 - 11:28 AM.


#2 scient

scient
  • Modder
  • 1010 posts

Posted 13 February 2009 - 12:02 PM

Wow, fail on AV's part. This is from an online virus scanner and will show you which AVs will pick up WeiDu as a "virus". If anyone uses any of these you could report the file as a false positive to the devs. Or you could get a good AV like NOD32. :rolleyes:


a-squared 4.0.0.93 2009.02.13 Trojan.Win32.Agent!IK
AhnLab-V3 5.0.0.2 2009.02.13 -
AntiVir 7.9.0.79 2009.02.13 TR/Agent.blqg
Authentium 5.1.0.4 2009.02.13 -
Avast 4.8.1335.0 2009.02.12 -
AVG 8.0.0.237 2009.02.13 Agent.AYMI
BitDefender 7.2 2009.02.13 Trojan.Generic.1425774
CAT-QuickHeal 10.00 2009.02.13 -
ClamAV 0.94.1 2009.02.13 -
Comodo 976 2009.02.13 -
DrWeb 4.44.0.09170 2009.02.13 -
eSafe 7.0.17.0 2009.02.12 Suspicious File
eTrust-Vet 31.6.6355 2009.02.13 -
F-Prot 4.4.4.56 2009.02.13 -
F-Secure 8.0.14470.0 2009.02.13 Trojan.Win32.Agent.blqg
Fortinet 3.117.0.0 2009.02.13 -
GData 19 2009.02.13 Trojan.Generic.1425774
Ikarus T3.1.1.45.0 2009.02.13 Trojan.Win32.Agent
K7AntiVirus 7.10.629 2009.02.13 Trojan.Win32.Agent.blqg
Kaspersky 7.0.0.125 2009.02.13 Trojan.Win32.Agent.blqg
McAfee 5524 2009.02.12 -
McAfee+Artemis 5524 2009.02.12 -
Microsoft 1.4306 2009.02.13 -
NOD32 3851 2009.02.13 -
Norman 6.00.02 2009.02.13 W32/Agent.LKUQ
nProtect 2009.1.8.0 2009.02.13 Trojan/W32.Agent.507904.M
Panda 10.0.0.10 2009.02.13 -
PCTools 4.4.2.0 2009.02.13 -
Prevx1 V2 2009.02.13 -
Rising 21.16.42.00 2009.02.13 -
SecureWeb-Gateway 6.7.6 2009.02.13 Trojan.Agent.blqg
Sophos 4.38.0 2009.02.13 -
Sunbelt 3.2.1851.2 2009.02.12 -
Symantec 10 2009.02.13 -
TheHacker 6.3.2.0.255 2009.02.13 -
TrendMicro 8.700.0.1004 2009.02.13 -
VBA32 3.12.8.12 2009.02.13 Trojan.Win32.Agent.blqg
ViRobot 2009.2.13.1605 2009.02.13 -
VirusBuster 4.5.11.0 2009.02.13 -


Edited by scient, 13 February 2009 - 12:02 PM.

Those interested in the classic TBS game Sid Meier's Alpha Centauri / Alien Crossover should check out the unofficial patch I work on here.


#3 ghostdog

ghostdog
  • Modder
  • 556 posts

Posted 13 February 2009 - 01:15 PM

I made a report about this to Kaspersky, let's hope that at least they will do something.


EDIT: Kaspersky has acknowledged it was a false warning and they say it is going to be fixed in the next update.

Edited by ghostdog, 14 February 2009 - 02:03 AM.


#4 Alboy

Alboy
  • Member
  • 38 posts

Posted 14 February 2009 - 08:09 AM

I updated my AVG Virus yesterday & have 5 Trojan Horses; they are all Agent.AYMI.
They are:

RE v4
Assassinations v5
Level 1 NPCs v1.1
Xan BG1 Friend v5
Bonehill v226 Patch

All of these were fine until I updated yesterday.
I sent the list to AVG & they sent back an email saying all files were detected correctly.

Has anyone any idea as to what is happening?

#5 ghostdog

ghostdog
  • Modder
  • 556 posts

Posted 14 February 2009 - 11:37 AM

These must be all false reports, Alboy. Kaspersky has already acknowledged its mistake and they'll fix this in the next update. AVG doesn't seem to have a good bug report system since all you can do is send them an email and probably you can't send them the weidu executable since they'll mistake it for a virus :facepalm:. Anyway I've sent them an email including Kaspersky's response so hopefully they'll do something.