I play a game online called MotoGP2 and it requires a CD in order to play.
Several years (Since 2001) ago I and several hundred other people downloaded a No-CD patch and have been using it ever since with no problems.
Well two weeks ago Avast v 4.7 Home edition started picking it (the patch) up as a Trojan virus called “Win32:Trojan-gen.{VC}”
When the alert monitor goes off it’s usually when we’re online playing the game and it sends the game into an exe which then boots everyone offline.
The idea behind the patch was simply to trick the game into thinking that the CD was being used, if it was truly a virus I’d think that the 3 pc’s that I’ve used it on in the past and the hundreds of others people who have used it on their pc’s would have had major problems happening for years now.
I understand that a Trojan is something that lies in wait but it’s been lying dormant since 2001?
Is there any way for any of you to actually download the patch (I can provide a zipped file) and see if it truly is a virus, or if it’s just being mistaken for one and can be removed from the virus alert monitor?
Any help would be greatly appreciated as there are still close to a hundred of us that still play this game daily and future leagues depend on people being able to use the patch because if you actually use the CD then the game is quite glitchy.
It could be, most probably, a false positive.
To know if a file is a false positive, please submit it to JOTTI or VirusTotal and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com
Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.
VirusTotal and Jotti both have file size limits 10 and 15MB each.
As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button…
You can use wildcards like * and ?. But be carefull, you should ‘exclude’ that many files that let your system in danger.
After that, please, periodically check it - scan it into Chest, right clicking the file - there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected as being infected then you can also remove it from the Exclusion list.
If you have a copy in the chest (Infected Files) or you can also add the file to the User Files (File, Add) section of the avast chest where it can do no harm and send it from there (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest.
Give a brief outline of the problem (possibly a link to this thread), the fact that you believe it to be a either a false positive. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.
