Wednesday, June 23, 2010

*SOLVED* Avira Antivirus June 23, 2010 Update is Alarming Warcraft III Players?

Just this day, I was on the internet cafe business owned by my family. Since i am the one who configured everything, my job is to maintain it also. From the operating system setup, online and offline games, up to the security, tweaks and auto-maintain features of the workstation.

I use the Avira Anti-virus 10 on the net cafe. Not to say it's free, but it also provides concrete protection (as for my experiences and for the independent antivirus testing organizations). Most of our customers are gamers. Warcraft III: Frozen Throne and the DOTA (Defense of the Ancient) are some of the most-played games since 2004.

Since i have set the Avira Anti-virus to automatic update it's viral definition, for the past months on business, i can't compare it's stability with regards to viral protection.

Just this day, one customer complained to my cafe attendant that Warcraft III: Frozen Throne is showing an error. To be exact, it's an file-missing error that the FrozenThrone.exe could not find the war3.exe. I decided to turn off my stable cyber cafe manager I then boot up another unit beside the customer to see if another computer was also having that error. If not, i could transfer him and fix it. But after launching the Frozen Throne shortcut on my desktop, i got the same error too. Until i decided to let the other computers boot up and try if it's getting the same. Well as i've suspected, they are on the same page of the book.




I turned on my Acer Aspire 4520 laptop and check for an existing topic on the internet and for me to isolate from the network i have directly connected the modem on my laptop, but got no luck. Since i am using Microsoft Windows 7 operating system, it alerted me that my antivirus was out of date. The last virus definition was dated 2 days ago so i begun updating. After a couple of seconds, notifying that my virus definition was updated, Avira Guard notified me that he found a Malware on my system. I also installed Warcraft III on my laptop for my pastime so indeed i am infected with this Malware.



It's an TR/Patched.IV.43 and the access to that file was denied. I am pretty sure that my network is clean. I did isolation per computer units then fire up a complete system and hardisk scan, and yet i only got this malware alert. Furthermore, I also tried reinstalling the client while isolating the computer out of the network. For the past years i am also playing Frozen Throne and DOTA, my trust is with them.



To releave the business out of this false alarm, and since avira is not keeping off the trail of Frozen Throne, and my customers are craving to play DOTA, the only thing i did is put the war3.exe process on the exceptions. You could found the exception option on the expert mode of Avira Antivirus. Lying beneath the Scanner > Scan tree



PS: As far as i can remember, one of my google searches give me a result that this TR/Patched.IV.43 has a variant of war*.* filename (Where * asterisk is a wild card character). If this post mislead the fact, feel free to complain below and enlighten the readers. Thank you!


Feel free to share it!

Technorati Digg it Add to Del.icio.us Stumble It! Add to Google Bookmarks Twitthis Reddit Blinklist Furl Live Yahoo

Subscribe To Us, It's Free!


Enter your email address:

Delivered by FeedBurner


Related Posts by Categories



13 comments:

Anonymous said... [Reply to comment]

ako din naexperience ko to

thnx for the info

Anonymous said... [Reply to comment]

ganda tagalog salita!! pero tnx n din!! (tagalog n din ako haha)

Anonymous said... [Reply to comment]

im having the same problem , is this virus harmful to my computer? i also did what you have said.

Ven Francis said... [Reply to comment]

hi guys, i'm not really sure about this since there's no exact proof that this "malicious" software is indeed harmful and avira's database has no definition about this one. So I suspect that this one is a false positive result for the Ahead(Advance Heauristic Analysis and Detection) technology of avira. Remember, i had noted that this malware can vary to a wild card filename of war*.*

But still don't take this as a fact for i still don't have any proof to warrant you guys. i'm still on my research. As far as i could remember, it was a russian site who provide me that info. Sorry about this, but if any one of you has the information, please consider a comment below.

Thanks!

Ms. Journ said... [Reply to comment]

Hi Ven, passing here ... sure xlink tayo. let me know if its fine.

Ms. Journ said... [Reply to comment]

Ven, ito ang mga sites ko. Pede pa add lahat.*sigh*

http://anygen-explores.info
http://www.efashionstuff.com
http://foodcookingguide.blogspot.com
http://iconnectworld.blogspot.com
http://www.decorsandgifts.info
http://www.mixandmatchonline.info
http://www.foreignpinay.com

Lahat hehehe pede? leave mo din yung sayo ha?
Thanks.

Ms. Journ said... [Reply to comment]

Ven, asan na yung mga links mo. Iwan mo sa sites ko para ma add ko agad. Thanks for adding mine here.

Decades_Pia said... [Reply to comment]

In the past years... i trust avira cuz they have a good antivir system but when the mistakes of 2 viruses "BDS/Small.iuj" and "TR/Patched.IV.43" ive loss of trust to avira... since it will now expire in november 2010, ill change a antivir program... ill use AVG i also put the war3.exe to the exception list...

Ven Francis said... [Reply to comment]

Finally, after 3 days of waiting for the lab test result, war3.exe was removed as a variant of this virus/malware.

you can view the result here

http://analysis.avira.com/samples/details.php?uniqueid=8Z18x1w1s7rYMDQvObrB4vdnzqdHvTzU&incidentid=543844

the VDF(virus definition file) was updated after 24 hours. so you guys may be able to play DOTA or Warcraft III:Frozen Throne without trouble. In case you missed the file, just restore it from the Quarantine of Avira.

cheers!

Ms. Journ said... [Reply to comment]

Ven added na ... check mo lang c u more often :-)
link is here http://www.decorsandgifts.info

Ms. Journ said... [Reply to comment]

Ven will add u up to d rest... check it out!

said... [Reply to comment]

thanks van :D , i just flows my idea on paper . wow, you like sophiticated person :D :D :D

Dota Map Hacker said... [Reply to comment]

I also expirienced this.. i remember this five days akong hindi naka dota.. amf!

Post a Comment