|
The_Gun_Man
Member
Posts: 32
|
 |
« on: June 21, 2007, 04:16:27 pm » |
|
While running the updater this popped up. AVG Threat detected C:\Quake2\anticheat.dll infected with Win32/Heur I had to download a new one sinse it was moved to the vault, so I ran a scan on the new one and this is what came up.  |
|
|
|
« Last Edit: June 21, 2007, 04:28:28 pm by The_Gun_Man »
|
Logged
|
|
|
|
R1CH
Administrator
Member
Posts: 2625
|
|
« Reply #1 on: June 21, 2007, 04:17:01 pm » |
|
This is a heuristic detection and can be ignored.
|
|
|
|
|
Logged
|
|
|
|
|
The_Gun_Man
Member
Posts: 32
|
|
« Reply #2 on: June 21, 2007, 04:32:01 pm » |
|
I can't seem to find any info on this particular virus, I realize it could very well be a false positive just wanted to make sure.
|
|
|
|
|
Logged
|
|
|
|
|
James Knauff
Guest
|
|
« Reply #3 on: July 28, 2008, 07:10:18 pm » |
|
I got it too
|
|
|
|
|
Logged
|
|
|
|
|
noglorp
Guest
|
|
« Reply #4 on: August 02, 2008, 02:42:42 am » |
|
It is a false positive. Heur means heuristic detection: not matching a particular virus, but it looks kind of like a virus. This is because anticheat.dll uses a funky packer to prevent hackers from reverse engineering it. Lots of viruses try to avoid analysis with weird packing techniques too.
|
|
|
|
|
Logged
|
|
|
|
|
Kairat
Guest
|
|
« Reply #5 on: September 29, 2008, 04:41:57 am » |
|
It strikes .exe files
|
|
|
|
|
Logged
|
|
|
|
|
gatorgirl
Guest
|
|
« Reply #6 on: October 20, 2008, 10:30:09 pm » |
|
So.....Does anyone know how to get rid of it?
|
|
|
|
|
Logged
|
|
|
|
|
wision
|
|
« Reply #7 on: October 21, 2008, 06:40:42 am » |
|
you can get better antivirus software (which has less false positives).. or just add the exception for r1q2
|
|
|
|
|
Logged
|
|
|
|
|
QwazyWabbit
Member
Posts: 401
|
|
« Reply #8 on: October 21, 2008, 06:59:26 am » |
|
Heur stands for Heuristic. Heuristic scanning uses probablilities and rules to determine the likelyhood that a file contains a virus. In this case the AVG program is trying to analyze a file based on rules about or characteristics of known viruses. One of the characteristics is packing or encrypting the code inside. This makes the file "suspicious" to the AVG program. A more advanced program might use the unpacker code to decrypt the code and analyze the instructions to see if it was really malicious. AVG doesn't.
Wision's suggestion is an excellent one. Add the anticheat.dll file to the list of files that the AVG program should not scan.
|
|
|
|
|
Logged
|
|
|
|
R1CH
Administrator
Member
Posts: 2625
|
|
« Reply #9 on: October 21, 2008, 03:15:49 pm » |
|
The latest AVG8 does not cause problems, make sure you have updated.
|
|
|
|
|
Logged
|
|
|
|
|
gav
Guest
|
|
« Reply #10 on: November 01, 2008, 04:58:58 pm » |
|
I have the latest Avg 8.0 and it gives me the same thing. Win32/heur2
|
|
|
|
|
Logged
|
|
|
|
|
pallokallo
|
|
« Reply #11 on: November 01, 2008, 07:24:11 pm » |
|
Yes antivir updated their definition file too and the problem was solved but almost next week detected it again.. Just add anticheat.dll to your antivirus exception list.
|
|
|
|
« Last Edit: November 01, 2008, 07:26:36 pm by pallokallo »
|
Logged
|
|
|
|
|
nameless
Guest
|
|
« Reply #12 on: December 18, 2008, 01:14:49 am » |
|
but how to add where??? what part
|
|
|
|
|
Logged
|
|
|
|
|
In pain
Guest
|
|
« Reply #13 on: December 25, 2008, 08:21:28 pm » |
|
I Am getting the same pop-ups as well. Win32/Heur. AVG-8 does not seem to fix or clean as well. What is it any way?
==>Click on REMOVE threats does not seem to clean it. It comes back again.
==>Remove threat as Power User does not seem to clean it as well.
Has any one succeeded cleaning it? And what kind of S.ware? thnx.
|
|
|
|
|
Logged
|
|
|
|
R1CH
Administrator
Member
Posts: 2625
|
|
« Reply #14 on: December 25, 2008, 10:03:57 pm » |
|
I'm going to close this thread as it is attracting too many Google hits from non-anticheat users. The solution has been stated, add your Q2 folder to AVG exceptions list or get a better AV  . |
|
|
|
|
Logged
|
|
|
|
|
Author