Home Trending Latest threads New posts Developer diaries

Virus?

Jump to latest Follow Reply
  • We have updated our Community Code of Conduct. Please read through the new rules for the forum that are an integral part of Paradox Interactive’s User Agreement.
unmerged(40828)

unmerged(40828)

Corporal
Mar 3, 2005
35
0
When i started my computer today i got this message from my antivirus program:

Threat detected!

File name: C:\Program\Paradox Interactive\Doomsday\Editor.exe

Threat name: Trojan horse Downloader.Agent.AKRQ
Detected on open.

Can anyone explain why i get this? Is the file infected or is my antivirus stupid?
 
I also got this report with AVG today. Our virus programs are mistaken - overly cautious in deciding that the editor has a virus.

Nonetheless, it is not safe to use the Editor.exe for editing, not because it has a virus, but because it tends to corrupt your HOI2 game install.
 
yeah i just noticed the same thing. AVG think it's a Virus.

Kinda funny really.

Well the not so funny thing is that during a scan. AVG will delete the editor.exe file. (Lucky for me, I do keep a saftey file on a different harddrive.
 
Last edited:
I think it's just that the anti virus programs look at it, and finds that it's a program that rewrites a programs files (just liek a virus) but that's what the editor is meant to do.

Also I doubt you have to worry about getting infected by the editor. You are more likely to destroy the vanila game files with the editor then getting infected
 
I confirm this happened to me also yesterday.

Agent.AKRQ is a very obscure trojan; it may be a false positive but it is odd that several different Anti-Virus programs are all detecting this.
 
I say that most of the antivirus programs do the same thing - look for something that overwrites other files, like Smeghead said.
Norton, avast; or whatever it is, it finds it as a trojan because all of them are looking for the same thing. Believe it, paradox would never give you a trojan :p
 
It's probebly just that the programs have all been updated with a new form of virus to check for around teh same time (they are all trying to keep up to date, so that's good), and suddenly the editor somehow matches this new trojan version. (And if the editor had been a trojan it would have been discovered a long time ago, i mean the editor is like 3 years old or something)
 
This just happened to me during a game, wish I saved...

I am being cautious about this, I mean it is plausible that someone could target the Editor because we know it edits stuff, as its supposed to. Maybe its using our own knowledge against us? Well I'm no programming expert or something so I don't know if that is possible.

I'm going to wait awhile and run some scans. If I get no updates or something, I'm putting the file into my exclusion list, wouldn't be the first.

Oh I use Avast! by the way.
 
hoivirus.jpg


Also, just got this. Will create a backup of the file, then quarantine this until someone from P'dox responds.
 
I trust Paradox, but theres no harm in being cautious anyway
 
I cannot use the HoI 2 editor... I was hoping to create Wales as a new country with a few utilities :(

Any fixes for this? The editor and the entire Paradox Interactive folder is on my exclusions but I still cannot use it. :confused:
 
swetiger said:
Can anyone explain why i get this? Is the file infected or is my antivirus stupid?
Click to expand...


I had that problem on my friend's computer which runs Norton, but when I scanned the Paradox files directly on my own computer with Spybot SD, it showed that there was no threat to my computer. Spybot has been ranked as one of the best anti-prettymuchanything out there programs, so really all of this is just a coinkydink from having an antivirus program with not-so-good detection rules.
 
This is a Virus and it was placed into the game by design by Paradox so remove it as it is a virus. Other wise Paradox Support would have been on this already and said otherwise, and I have not seen a thing from them. Why did they put a Trojan Horse virus in with the game files?

Trojan Horse is a malicious application, which can not spread itself. Original Trojan Horses were programs which acted as a useful utility. Although, in fact, their start used to cause damage to disc content (or part of it).

At the present time the most spreading Trojan Horses are BackDoor Trojans. They enable remote access to infected computers and PSW (Password Stealers) - they are trying to gather as much private information from the infected computer as possible and to send the info through the Internet.

To remove the Trojan Horse, it is enough to delete the detected file.
 
This is a Virus and it was placed into the game by design by Paradox so remove it as it is a virus. Other wise Paradox Support would have been on this already and said otherwise, and I have not seen a thing from them. Why did they put a Trojan Horse virus in with the game files?
Click to expand...

I highly doubt a respected and much loved developer is going to deliberately add a backdoor into their software. If anything it is either:

a) False positive noticed because of the way the program works (editing other files on the system)

b) A trojan designed to target the editor.exe in an attempt to disguise itself as a false positive.

Personally, I opt for the A.

It would be nice if Paradox could respond to this though...
 
or c) Whoever produced the CD's for the Anthology had a virus already and somehow got attached to the Editor.exe

I dont think Paradox would myself but after dealing with EA, THQ, and several other companies I just dont know anymore.
 
Comparing Paradox with EA is blasphemy round these parts :)
 
You must log in or register to reply here.
Top Bottom
Back