Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Warning regarding FTT RPG game; Please read!

  1. #1

    Question Warning regarding FTT RPG game; Please read!

    [I would like to suggest this has been a false positive. Please feel free to read the rest of this thread for the sake of your own judgment, but keep in mind that I cannot and do not represent VIPRE. My judgement is out of place and I sincerely apologize for the confusion or concern I may have unnecessary caused.]


    Hey all,

    I am not a professional, and I recommend you seek a professional's advice in your internet practices. I've already posted this reply to the "FTT is back" thread, but I thought my warning would reach a larger audience if made into a thread.

    Anyway, I've never played RPG games before. I decided to satiate my curiosity by checking out FTT's "...game by Baboon called 'Lisa and Friends' Well-Intended Regressive Misunderstandings'..." for fun.

    My Anti-Malware software, fortunately, discovered Worm.Win32 embedded in the ZIP files. From my software:

    "A Worm is a malicious program that spreads itself without any user intervention. Worms are similar to viruses in that they self-replicate. Unlike viruses, however, worms spread without attaching to or infecting other programs and files. A Worm can spread across computer networks via security holes on vulnerable machines connected to the network. Worms can also spread through email by sending copies of itself to everyone in the user's address book. A Worm may consume a large amount of system resources and cause the machine to become noticeably sluggish and unreliable. Some Worms may be used to compromise infected machines and download additional malicious software...This is a high risk and should be removed immediately as it may compromise your privacy and security, make dangerous changes to your computer's settings without your knowledge and consent, or severely degrade your computer's performance and stability."


    SO, for those of you who have downloaded this particular RPG (Lisa and Friends), GET RID OF IT AND SCAN YOUR COMPUTER. I also recommend that anybody who you have communicated with recently check their computers for similar malware.


    This has been a warning, and I hope it has been helpful.


    [Admins: I post this with the best intentions, and if you (or any other members, for that matter) discover that I am wrong, please feel free to correct me and to delete this thread]
    Last edited by Kif; 24-Sep-2010 at 20:43.

  2. #2

  3. #3

    Default

    I use VIPRE Antivirus Premium. I'm performing a deep scan, now, and I'll check with Malwarebytes' AntiMalware later.

    It has detected false positives disguised as windows updates in the past, but I do not believe that "Worm.Win32" would be a Windows update. Besides, it picked up the file as I attempted to extract the files--so unless it had been sitting dormant in my computer up to that point, I think it likely it came from the ZIP file.

    Thanks for asking!
    This is exactly the kind of discussion I was looking for!

  4. #4

    Default

    Though I haven't scanned the game myself, several things tell me this doesn't have a worm in it.

    1. baboon, no offense to him, doesn't appear to have the capacity to distribute a virus.
    2. My PC (OS is Windows XP Professional, pirated, and the machine is mediocre at best), is running fine, despite being cluttered and fragmented. Also, my LAN's bandwidth is being almost unused, since I've not been torrenting lately.

    I advise you re-download and scan the file itself before making claims like these. If you're convinced that there's a virus, I'll look into it more. Also, with the way internet security has been going lately, you could have gotten a virus at any time and it could have been laying dormant.

    An interesting thing to note is that there is a major exploit in recent versions of adobe reader that allows pages to open up a hidden IE window and attack your PC through that. If you're using IE to begin with, I highly advise you do otherwise, as it's essentially an open door into your computer.

  5. #5

    Default



    Quote Originally Posted by Janus View Post
    Though I haven't scanned the game myself, several things tell me this doesn't have a worm in it.

    1. baboon, no offense to him, doesn't appear to have the capacity to distribute a virus.
    2. My PC (OS is Windows XP Professional, pirated, and the machine is mediocre at best), is running fine, despite being cluttered and fragmented. Also, my LAN's bandwidth is being almost unused, since I've not been torrenting lately.

    I advise you re-download and scan the file itself before making claims like these. If you're convinced that there's a virus, I'll look into it more. Also, with the way internet security has been going lately, you could have gotten a virus at any time and it could have been laying dormant.

    An interesting thing to note is that there is a major exploit in recent versions of adobe reader that allows pages to open up a hidden IE window and attack your PC through that. If you're using IE to begin with, I highly advise you do otherwise, as it's essentially an open door into your computer.
    For that reason, I've not used Internet Explorer for several years. It generally seems to have problems anyway, as it tends to upload things without my permission (Yahoo, Google--the last time it uploaded something without my permission turned out to be a very stubborn piece of spyware disguised as a DesktopWeather icon, and I've not touched Explorer since).

    When I finish scanning my entire computer, I'll scan the files again (with both MalwareBytes and VIPRE), to double-check if anything is there, and report back.

    It is definitely possible it could have come from another computer on the network, seeing that my computer is within proximity to multiple private and public networks. My last full scan was on the seventeenth, so it is possible that I've contracted something in that time--even though I've not intentionally (to my knowledge) visited malicious sites.

    I do apologize if I create an unnecessary disturbance--but I figured it would be better to be safe than sorry. I posted this thread to do exactly what we are doing now: to discuss and evaluate the situation.

  6. #6

    Default

    I downloaded it in a Win XP virtual machine & Microsoft Security Essentials isn't finding any infections.

  7. #7

    Default

    Well, I've performed a deep scan of my entire system, and nothing has been found. (This is after the first time I downloaded the file, quarantined the risk, and then deleted the risk)

    I re-downloaded the ZIP file and performed some scans on the ZIP file.

    MalwareBytes found nothing, but VIPRE found the same thing again: Worm.Win32.Autorun.adza (v)

    Found under: Desktop\Abdl_Game.zip|Abdl Game\RPG_RT.exe

    More on SunBelt's website: Worm.Win32.AutoRun.adza (v) Information and Removal. (Last updated Sept 21, 2009)

    Recommendation is to remove the worm, as it poses a high risk to security. Though it's highly unlikely that SunBeltSoftware has made a mistake, I'm not going to ignore the fact that this file could actually be harmless--based on everyone's above accounts. Yet, I can't be sure that your software is up-to-date either--yours may have ruled Worm.Win32 as harmless, or it may not have been deemed malicious yet. Remember that one anti-malware software might pick up on malicious programs, while another anti-malware software might miss the same malicious program.

    Irregardless, I'd rather not risk the security of my computer. VIPRE has been a pretty trustworthy program for the last few years we've had it, it has updated multiple times every day, and our computer technician has recommended it. I will follow standard procedure, therefore, and delete the file from my computer. An internet RPG is not worth my computer's security by any measure of the imagination.

    Again, thank you for your input. The purpose of this thread is to generate discussion regarding this potentially-threatening download, and I am glad to see the debate going on here.

    If you still have more to say, feel free to speak up--especially you, Janus. I would recommend you also look into this.
    Last edited by Kif; 24-Sep-2010 at 10:27.

  8. #8

    Default

    DrWeb single file scan results...



    From what I've read, VIPRE has an extensive history of finding false positives in it's scans, though I can't say anything else about VIPRE as I don't use it myself, nor do I plan to. DrWeb's scan is a simple one, and I'm running a more in-depth scan right now. The results should be ready in maybe 45 minutes.

  9. #9

    Default

    This helped me decide to make an account. I wouldn't knowingly post a corrupt file. I scan all .zip archives. I do a lot of work with computers, my system is behind a smoothwall and I run Norton 360 up to date (I know, I know, shut up, its free through a commercial license for part of my job). For the sake of argument, and just to be doubly sure, I ran the file through the latest McAfee, and ESET on two of my laptops. Still nothing. I think the issue is a false positive.

    Sorry, was just miffed at the thought I'd do something malicious. I know its not really an accusation like "HOW COULD YOU?" but just the implications of sloppy work is something I don't want hanging over my head.

  10. #10

    Default

    Holy crap CS, welcome to ADISC.

    Topic: The online scanner I was using ended up not supporting 20+ files within a zip. Since The usual scanner I use is also down for maintenance, I have little else to add to this.

Similar Threads

  1. Just a warning to those who have Linux
    By Tigger in forum Computers & Gaming
    Replies: 42
    Last Post: 01-Apr-2008, 14:19

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
ADISC.org - the Adult Baby / Diaper Lover / Incontinence Support Community.
ADISC.org is designed to be viewed in Firefox, with a resolution of at least 1280 x 1024.