It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
I made a couple of purchases today, Septerra Core was one of the two and Duke Nukem 3D was the other.
I installed Duke Nukem 3D without issue, but when trying to install Septerra Core I was warned by Vipre Antivirus of an instance of Trojan.Win32.Obfuscated.Gen.
I reinstalled Duke Nukem 3D just in case, to test, and tried a few of the other GoG installers I still had locally, everything checked out fine and peachy. The only installer I get this alert with is Septerra Core. I've also run a deep scan of my system to make sure I'm clean, which I seem to be, and I've also ran a manual check for the presence of this trojan too, according to a number of online sources.
So, either the Septerra.exe (the file reported) in the installer really is infected, or this is a false positive. I'm looking for a way to submit this file to Sunbelt Software at the moment so they can examine it too, if it's a false positive then it should be sorted because otherwise it might make people wary of buying the game.
I'm thinking false positive anyway... what're your thoughts?
No posts in this topic were marked as the solution yet. If you can help, add your reply
I know that it is a false positive. How could GOG expect to keep customers if they implanted viruses in the executables they sell? it just doesn't make any sort of sense.
I have, at least, 16 of their installers on my own hard drives and none of them ever tripped any antiviral software. No offense, but you either have a crappy Antivrus or the antivirus thinks that the game is a virus because of the way the installers work.
Please try another antivirus program like AVG Free or avast! Home Edition. I have used both of those and not once did any GOG program trigger them and they were running on ultra sensitive claims.
Also, before making these kind of claims on forums and unintentionally spreading any sort of FUD (Fear Uncertainty and Doubt) please think on the logic behind a virus being inserted into a file, or sets of files, being sold by a business that relies on mostly word of mouth advertising and its own reputation in order to gain customers and sales.
That was rude, considering that I was only asking for advice. I'm just glad you don't work for GoG, JudasIscariot, because that would've been a PR disaster.
Moreover, if you look at my games collection, you'll find that I have a large number of GoG games too, and if you'd read my first post, I did point out that this is the -first- time I've had a problem with a GoG installer, and I was doing naught but expressing genuine concern, I'm sorry if such concern is 'spreading FUD wot destroys companies'.
And worse, the programs you recommend -- Avast and AVG -- are free ativirus programs which rate very poorly according to just about every antivirus journal out there, the top three antivirus suites at the moment are Kaspersky Antivirus, Nod32, and Vipre Antivirus. The latter of which I use, and has been critically acclaimed.
I'm offended by your post, JudasIscariot, and I don't see why you'd bother posting at all if you have nothing constructive to add beyond snooty condescension. :/
avatar
VagrantWolf: That was rude, considering that I was only asking for advice. I'm just glad you don't work for GoG, JudasIscariot, because that would've been a PR disaster.
Moreover, if you look at my games collection, you'll find that I have a large number of GoG games too, and if you'd read my first post, I did point out that this is the -first- time I've had a problem with a GoG installer, and I was doing naught but expressing genuine concern, I'm sorry if such concern is 'spreading FUD wot destroys companies'.
And worse, the programs you recommend -- Avast and AVG -- are free ativirus programs which rate very poorly according to just about every antivirus journal out there, the top three antivirus suites at the moment are Kaspersky Antivirus, Nod32, and Vipre Antivirus. The latter of which I use, and has been critically acclaimed.
I'm offended by your post, JudasIscariot, and I don't see why you'd bother posting at all if you have nothing constructive to add beyond snooty condescension. :/

I saw nothing condescending or snooty in his post, he has a very good point. Maybe he made it a little harshly. The fault is with your choice of Antivirus, and I would go with AVG if I were you. "Free" does not denote that it's bad, in most cases, software you pay for is terrible (just look at the games released in the last 5 years). If it makes you feel better, there is AVG Professional for you to waste your money on, it has exactly the same functionality as the free version, but it's PROFESSIONAL.
Post edited April 09, 2009 by TheJoe
Not to pile it on more, but have to agree, Judas was not being rude at. Additionally, your assessment of the antivirus products Judas recommended is a bit flawed. AVG is consistently rated higher than Vipre and Avast! is only rated marginally lower, but not for its functionality, but rather for its ease of use. I don't know what "antivirus journal" you got your ratings from, but I have never seen Vipre listed as one of the top three. It is usually in the top ten, but in the bottom 5 of that top ten.
In the future, when you encounter something like this situation, I would recommend you use a third party file scanning tool, such as the online one offered by VirusTotal to confirm whether or not a file is actually infected, before you announce something like this publicly, potentially, like Judas suggested, spreading FUD.
*Confused* You have a lot of GOG games, so this one you thought it must be quite possible that they have inserted something in it?
Alright. Well, where are all the other posts with people reporting the same thing? There is none. It is indeed a false positive.
If someone inside GOG had the intent of doing that, for one, there'd be a lot more posts, and two, they probably just wouldn't.. Because it's more than their jobs worth.
As for those "crtiically acclaimed" anti virus killers you pay for.. Grats on feeding their pockets. They rely on viruses so that people like you buy their software. AVG and Avast indeed work very well. I have used AVG free for years and none of my personal details have been stolen yet and it's done a fine admirable job of protecting my PC. If that's what ranks as "poor" well I'm sorry that they did not spend the time to (as a brief generalised accusation of the "system") buy out the reviewers as most places do these days :P. Think about it... You're the one spending the money and those are the ones charging. It might make sense why the free virus killers are "poor" then ;).
Oh well, time to shut my conspiracy theorist mouth... and move onto other matters....
I don't think that Judas aimed to offend you. He was maybe a bit harsh with the FUD comment, but other than that it was an OK post.
I think the main point is, you came here for help/spread help, you may not be "technologically" as smart as Judas, and he jumped down your throat a bit over it because he's passionate about GoG. However, there is the assumption in Judas's post with the FUD thing that you desired to do that when it could indeed be innocent and that was not your intention (which I believe - see below).. Which I think has to be taken into account.
Your response wasn't the greatest though.. And I think from your response that it was a genuine attempt to say, "I was innocently just trying to find out something."
Disclaimer: written whilst tipsy and late at night. Don't hurt me :).
There was another post like this awhile ago and the GOG team confirmed it was a false positive..
avatar
VagrantWolf: [..]The only installer I get this alert with is Septerra Core.
[..]
I'm thinking false positive anyway... what're your thoughts?

Hi, you might consider this as an official statement :)
I've scanned Septerra Core installation file as well as files inside package and here we got results (first - scanned by myself, second by VirusTotal):
By myself:
Kaspersky Anti-Virus 2009 - clean
Panda Security - clean
MKSVir - clean
avast! - clean
Spybot-Search&Destroy - clean
NOD32 - clean
By Virus Total:
a-squared 4.0.0.101/20090410 found nothing
AhnLab-V3 5.0.0.2/20090410 found nothing
AntiVir 7.9.0.138/20090409 found nothing
Antiy-AVL 2.0.3.1/20090410 found nothing
Authentium 5.1.2.4/20090409 found nothing
Avast 4.8.1335.0/20090409 found nothing
AVG 8.5.0.285/20090410 found nothing
BitDefender 7.2/20090410 found nothing
CAT-QuickHeal 10.00/20090410 found nothing
ClamAV 0.94.1/20090410 found nothing
Comodo 1109/20090410 found nothing
DrWeb 4.44.0.09170/20090410 found nothing
eSafe 7.0.17.0/20090407 found nothing
eTrust-Vet 31.6.6448/20090410 found nothing
F-Prot 4.4.4.56/20090409 found nothing
F-Secure 8.0.14470.0/20090410 found nothing
Fortinet 3.117.0.0/20090409 found nothing
GData 19/20090410 found nothing
Ikarus T3.1.1.49.0/20090410 found nothing
K7AntiVirus 7.10.698/20090409 found nothing
Kaspersky 7.0.0.125/20090410 found nothing
McAfee 5579/20090409 found nothing
McAfee+Artemis 5579/20090409 found nothing
McAfee-GW-Edition 6.7.6/20090409 found nothing
Microsoft 1.4502/20090410 found nothing
NOD32 3999/20090410 found nothing
Norman 6.00.06/20090409 found nothing
nProtect 2009.1.8.0/20090410 found nothing
Panda 10.0.0.14/20090409 found nothing
PCTools 4.4.2.0/20090408 found nothing
Prevx1 V2/20090410 found nothing
Rising 21.24.43.00/20090410 found nothing
Sophos 4.40.0/20090410 found nothing
Sunbelt 3.2.1858.2/20090410 found [Trojan.Win32.Obfuscated.Gen (v)]
Symantec 1.4.4.12/20090410 found nothing
TheHacker 6.3.4.0.305/20090409 found nothing
TrendMicro 8.700.0.1004/20090410 found nothing
VBA32 3.12.10.2/20090410 found nothing
ViRobot 2009.4.10.1688/20090410 found nothing
VirusBuster 4.6.5.0/20090409 found nothing
So - my assumption is - Vipre (and Sunbelt, which is made by the same company as Vipre) is overreacting and rise false alarm. I've already informed them about false positive.
Best
Grah
Post edited April 10, 2009 by Grah
I just got this. Im using ESET Smart Security.
Bought Duke, Postal and Septerra and as soon as I started downloading Septerra my HDD started churning away for about a minute when finally ESET popped up stating it had found a virus and deleted it in the Septerra download...
avatar
lucifon: I just got this. Im using ESET Smart Security.
Bought Duke, Postal and Septerra and as soon as I started downloading Septerra my HDD started churning away for about a minute when finally ESET popped up stating it had found a virus and deleted it in the Septerra download...

It's still a false positive. See the earlier post by Grah.
avatar
VagrantWolf: And worse, the programs you recommend -- Avast and AVG -- are free ativirus programs which rate very poorly according to just about every antivirus journal out there, the top three antivirus suites at the moment are Kaspersky Antivirus, Nod32, and Vipre Antivirus. The latter of which I use, and has been critically acclaimed.

hahahahaha you are kidding right? You know anything about how review sites on the internet get their profits? adds. and who do you think pays for those adds? Reviewer integrity is non existant when sites risk losing their sole source of income by doing a bad review. that's why i use gaming sites, only for news, and never reviews, and about anti virus programs, just try them all, and see which one you find safer. me personally avg with spybot (another free program) and zonealarm (yeah this one i payed for, but any free firewalls I found, I just didn't like their interface)
avatar
VagrantWolf: And worse, the programs you recommend -- Avast and AVG -- are free ativirus programs which rate very poorly according to just about every antivirus journal out there, the top three antivirus suites at the moment are Kaspersky Antivirus, Nod32, and Vipre Antivirus. The latter of which I use, and has been critically acclaimed.
avatar
ZeroAX: hahahahaha you are kidding right? You know anything about how review sites on the internet get their profits? adds. and who do you think pays for those adds? Reviewer integrity is non existant when sites risk losing their sole source of income by doing a bad review. that's why i use gaming sites, only for news, and never reviews, and about anti virus programs, just try them all, and see which one you find safer. me personally avg with spybot (another free program) and zonealarm (yeah this one i payed for, but any free firewalls I found, I just didn't like their interface)

Not all of us are paid off, believe it or not. :P
Even very commercial entities like X-Play are not.

Not all of us are paid off, believe it or not. :P
Even very commercial entities like X-Play are not.

Just because it isn't a tit for tat deal doesn't mean that there is an absence of pressure from the owners and editors.
You guys want a reliable source for AV comparatives?
Try here:
http://www.av-comparatives.org/
They run the comparatives very often and they test lots of AVs.
I am positive they do not get go for the money.
EDIT: Also found the following:
http://www.av-test.org/
http://vx.netlux.org/
The last link also provides virus samples (over 4 GB!) which you can use to make your own tests.
Regards
Post edited July 09, 2009 by pool7
Let me preface this post by saying that I'm a new GoG customer, and so far I really love the website and the community and I hope this is just something on my end.
I attempted to run Might and Magic VI today, after having played it just earlier in the day, and got a warning from Avast! that it was a trojan. I was suspicious, so I attempted to run it from the program file directly, and got the same thing. I then did a system restore and attempted to run it again, and got the same message. I then had Avast run a virus scan (which I am in the middle of right now), and it has found multiple viruses, most of them with GoG files (Might and Magic VI, Heroes of Might and Magic III, Duke 3d, Septerra Core). The odd thing is that prior to this, I have played Might and Magic VI and Heroes of Might and Magic III multiple times and had nothing come up. Anyone have any ideas as to what could have caused this? I'm suspicious it was the patch from MM6 that I downloaded, linked in the MM6 forums here on GoG (its a stick actually), but there are no posts on that thread mentioning anyone having problems with it.