Antivirus and ZDoom conflicts

[Impie]

I'd like to know if anyone else has had similar antivirus-related oddities when running this port. I use TrendMicro Antivirus and until today it has never made a peep about ZDoom. I've run Doom and Hexen probably a dozen times or more in the last few days, but today TrendMicro suddenly decided to block the program when I tried to run a new wad. At first I thought the wad must have been corrupted or infected, but I quickly found that it no longer wanted me to run the wads I was playing yesterday, either. It lets me run ZDoom by itself with the regular iwads, but it still complains. Then I thought maybe it was doing this in the background all this time without my knowledge, but the activity logs show it's developed a suspicion of ZDoom only just today. And of course, a virus scan with the most recent updates turned up nothing.

On the one hand I want to make TrendMicro ignore ZDoom. Easy solution. On the other hand, as I said, it's never done this before today, so I'm worried about going through with it. If anyone else has experienced antivirus fickleness like this with ZDoom or any other port I'd appreciate your input, even if it just proves that I'm overlooking something obvious.

[Jim Rainer]

Uh oh, this might be bad. Try downloading windows defender(don't know if this program works in non-windows computers) and scanning with that. You might have contracted a virus that bypassed your current virus scanner and made itself unknown or undetectable by trendmicro. I hope this isn't the case, though. Happened to my parents' computer about 5 months ago, nearly had to format the hard drive to get rid of it. Nasty stuff.

[RazTK]

False reports are something inevitable when it comes to Anti-Virus programs, I guess.

[Impie]

Jim Rainer said:

You might have contracted a virus that bypassed your current virus scanner and made itself unknown or undetectable

Yeah that happened to our computer last month when we were using Norton Antivirus. TrendMicro and Webroot Spysweeper were recommended as replacements because they're reputedly more effective, which seems true so far.

TrendMicro has suddenly decided to bite the bullet with ZDoom, so I'm hoping it was just a fluke and not another fucking trojan. The latter would mean that antivirus programs are all useless, which part of me just refuses to believe. I'm gonna hafta ride this out and see what happens.

[TheDarkArchon]

Jim Rainer said:

Try downloading windows defender(don't know if this program works in non-windows computers) and scanning with that.

Windows Defender is an anti-spyware (not an Anti-Virus) program and a poor one at that. And, to the suprise of absolutely no-one, it doesn't run in non-Windows environments.

As for the original question: Never happened to me, aside from the false positive on FMOD.dll from AVG a few months back (which affected more than ZDoom)

[John Smith]

Surprise, you don't need anti-spyware software in non-windows environments.

[Jim Rainer]

TheDarkArchon said:

Windows Defender is an anti-spyware (not an Anti-Virus) program and a poor one at that.

I don't know about that. It removed a very malicious virus from my parents' computer without any problem.

[GreyGhost]

Impie said:

TrendMicro has suddenly decided to bite the bullet with ZDoom, so I'm hoping it was just a fluke and not another fucking trojan. The latter would mean that antivirus programs are all useless, which part of me just refuses to believe. I'm gonna hafta ride this out and see what happens.

I've had a few false positives using Nod32 AntiVirus over the last 4 years - on one occasion it was flagging RAR archives as virus infected. :O
That sort of situation arises when a recently added virus definition string (supposedly unique) finds a match in a clean piece of code.
If TrendMicro's complaining about ZDoom - submit a copy for analysis. With any luck ZDoom will be cleared and they'll change the definition string.

[NiGHTMARE]

John Smith said:

Surprise, you don't need anti-spyware software in non-windows environments.

That most definitely is NOT true. While other operating systems certainly don't have much in the way of spyware (and indeed malware in general), that doesn't mean they have none at all. A relatively famous example is the Mac spyware/trojan known as OSX.RSPlug, also called DNSChanger.

In general, taking the attitude that by not using Windows your system is completely immune to malware -- and consequently not taking the proper precautions -- may very well lead to your system becoming infected. If anti-spyware and anti-virus software actually exists on your operating system (e.g. MacScan), for goodness sakes use it!

Determined individuals have managed to crack or bypass pretty much all copy protection and DRM software ever developed, hack into supposedly "hackproof" websites, and beaten many other pieces of software that claim to be "invulnerable", so why should operating systems be any different? Users and developers of certain operating systems may claim that their OS is immune to malware, but guess what? Humans are capable of being wrong! :)

[exp(x)]

Name one wild Linux virus of any threat.

[Impie]

I'm using windows, so I dunno how I gave the impression that I wasn't. Either way, it seems to have been a false report because it's fine now, but I'm glad I got you fellas' input to ease my paranoia. If it happens again I'll keep an eye on it.

[GreyGhost]

exp(x) said:

Name one wild Linux virus of any threat.

Windows?

[chungy]

exp(x) said:

Name one wild Linux virus of any threat.

Out of the dozen Linux viruses that have actually existed.... none of them were ever really in the wild. None of them having any effect anymore.

Getting root access to a system and planting a rootkit is a far more successful scenario. And getting to that point is near impossible for most victims.

ClamAV and McAffee and probably a couple others have Linux versions primarily to scan for Windows viruses on a server. If you have an email server, the Windows virus might not do a damn thing, but Windows clients can be affected (ESPECIALLY if they use the paid-for version of MS Outlook, which autoexecutes attachments; that's right, Outlook Express lacks the insecurity there)

[Csonicgo]

exp(x) said:

Name one wild Linux virus of any threat.

Steven Ballmer