DaJ Trojan?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • buzzkill
    Prophet
    • May 2008
    • 2939

    DaJ Trojan?

    I ran a rotuine scan last night and Malwarebytes Anti-Malware detected a "Trojan Agent" in DaJAngband121/DaJAngband.exe. I've never had a problem with Malwarebytes and flase positives before so I'm a little nervous. Can anyone else scan DaJ with thier favorite scanner and confirm/deny this?
    www.mediafire.com/buzzkill - Get your 32x32 tiles here. UT32 now compatible Ironband and Quickband 9/6/2012.
    My banding life on Buzzkill's ladder.
  • Pete Mack
    Prophet
    • Apr 2007
    • 6883

    #2
    Originally posted by buzzkill
    I ran a rotuine scan last night and Malwarebytes Anti-Malware detected a "Trojan Agent" in DaJAngband121/DaJAngband.exe. I've never had a problem with Malwarebytes and flase positives before so I'm a little nervous. Can anyone else scan DaJ with thier favorite scanner and confirm/deny this?
    I hadn't downloaded this one yet. Did it find the same one in DaJ 1.20?

    Comment

    • Matthias
      Adept
      • Apr 2007
      • 201

      #3
      antivir didn't complain when I started it

      Comment

      • buzzkill
        Prophet
        • May 2008
        • 2939

        #4
        Originally posted by Pete Mack
        I hadn't downloaded this one yet. Did it find the same one in DaJ 1.20?
        Not that I'm aware of. It (malwarebytes) found 3 "trojan agent" items in the recycle bin on a previous "quick scan", but the path was long and I didn't bother to scroll to see actual the infected object, though the (recently deleted) DaJ120 may have been in the bin at the time. Prior to this incident, I've never had a false positive with any roguelike, and I run a pretty clean system in general.

        EDIT: Upon reviewing the log, it was indeed DaJangband.exe (presumably 120) that caused the 3 previous hits.
        www.mediafire.com/buzzkill - Get your 32x32 tiles here. UT32 now compatible Ironband and Quickband 9/6/2012.
        My banding life on Buzzkill's ladder.

        Comment

        • JohnCW9
          Adept
          • Jul 2009
          • 118

          #5
          Originally posted by buzzkill
          I ran a rotuine scan last night and Malwarebytes Anti-Malware detected a "Trojan Agent" in DaJAngband121/DaJAngband.exe. I've never had a problem with Malwarebytes and flase positives before so I'm a little nervous. Can anyone else scan DaJ with thier favorite scanner and confirm/deny this?
          My Norton 360 has marked the site as unsafe for a awhile so I have never downloaded from it
          My first legit winner http://angband.oook.cz/ladder-show.php?id=5114

          Comment

          • zaimoni
            Knight
            • Apr 2007
            • 590

            #6
            Originally posted by JohnCW9
            My Norton 360 has marked the site as unsafe for a awhile so I have never downloaded from it
            Said site has relocated to GoogleCode from Awardspace...which one are you referring to (or are we thinking about the even older one?)
            Zaiband: end the "I shouldn't have survived that" experience. V3.0.6 fork on Hg.
            Zaiband 3.0.10 ETA Mar. 7 2011 (Yes, schedule slipped. Latest testing indicates not enough assert() calls to allow release.)
            Z.C++: pre-alpha C/C++ compiler system (usable preprocessor). Also on Hg. Z.C++ 0.0.10 ETA December 31 2011

            Comment

            • Arralen
              Swordsman
              • May 2007
              • 309

              #7
              If in doubt, upload the file on http://www.virustotal.com/

              If the result is inconclusive -but only then!!- upload it to http://analysis.avira.com/samples/index.php
              No, I don't have a clue 'bout C, and I'm not starting my own variant.
              Never. Ever.

              Comment

              • Matthias
                Adept
                • Apr 2007
                • 201

                #8
                virustotal returns 0/41. Wow I've had exes of commercial programs with more false positivs than that Buzzkill's scanner isn't on the list of scanners used btw

                Comment

                • JohnCW9
                  Adept
                  • Jul 2009
                  • 118

                  #9
                  Originally posted by zaimoni
                  Said site has relocated to GoogleCode from Awardspace...which one are you referring to (or are we thinking about the even older one?)
                  It probally was Awardspace, I just checked the latest The google and there was no problem.

                  John
                  My first legit winner http://angband.oook.cz/ladder-show.php?id=5114

                  Comment

                  • will_asher
                    DaJAngband Maintainer
                    • Apr 2007
                    • 1124

                    #10
                    My virus software gave me warnings about Awardspace, but never about a DaJAngband file. I don't know how the file would get infected with anything (even a false warning) just by being linked to on Awardspace.
                    Actually, I just noticed you're talking about DJA 1.2.1 which was released after I had moved to Google sites and quit using Awardspace. I just opened the virus software on this computer (McAfee) to check it out, but I can't see a way to tell it to scan one particular file. If anyone finds out why it's saying this, let me know. I don't know how the file could've gotten infected with anything.
                    Will_Asher
                    aka LibraryAdventurer

                    My old variant DaJAngband:
                    http://sites.google.com/site/dajangbandwebsite/home (defunct and so old it's forked from Angband 3.1.0 -I think- but it's probably playable...)

                    Comment

                    • zaimoni
                      Knight
                      • Apr 2007
                      • 590

                      #11
                      Originally posted by will_asher
                      My virus software gave me warnings about Awardspace, but never about a DaJAngband file. I don't know how the file would get infected with anything (even a false warning) just by being linked to on Awardspace.
                      Agreed.

                      The ad servers are a completely different problem; it's likely that Norton 360 is reacting to the risk of ads being converted to malware.
                      Zaiband: end the "I shouldn't have survived that" experience. V3.0.6 fork on Hg.
                      Zaiband 3.0.10 ETA Mar. 7 2011 (Yes, schedule slipped. Latest testing indicates not enough assert() calls to allow release.)
                      Z.C++: pre-alpha C/C++ compiler system (usable preprocessor). Also on Hg. Z.C++ 0.0.10 ETA December 31 2011

                      Comment

                      • buzzkill
                        Prophet
                        • May 2008
                        • 2939

                        #12
                        I choses to ignore the original hit, and since have been unable to reproduce it with any virus or malware scanner. Sorry about the scare.
                        www.mediafire.com/buzzkill - Get your 32x32 tiles here. UT32 now compatible Ironband and Quickband 9/6/2012.
                        My banding life on Buzzkill's ladder.

                        Comment

                        • Pete Mack
                          Prophet
                          • Apr 2007
                          • 6883

                          #13
                          I just realized that for me anyway, it was definitely a false alarm. Viruses are a lot harder to pick up when you recompile from the source...

                          Comment

                          Working...
                          😀
                          😂
                          🥰
                          😘
                          🤢
                          😎
                          😞
                          😡
                          👍
                          👎