Far Cry 2 Trainer: Reported Virus

I'm 95% sure this is a false positive, but I'd like to double check.


I downloaded this trainer from a forum on gamefaqs.com (made by a regular member) and when I extracted it BitDefender went nuts. It says the file is a virus, "Virtool.529" to be exact.


Other members reported getting virus alerts too, and you can see these reports on the aforementioned forum (click the link).


As I understand it, the trainer was made with Cheat Engine, if that matters.


I ran the file in Sandboxie and it seemed clean.


The file is attached in a .RAR archive, with a password of infected, just in case it is indeed a virus!


Cheers :D

/applications/core/interface/file/attachment.php?id=3693" data-fileid="3693" rel="">farcry2_trainer.rar

Comments

  • Another trainer blocked as a virus:


    "Application.Hatkeys.H"


    C:\Windows\sysWOW64\H@tKeysH@@k.dll


    Attached, with the same password.

    /applications/core/interface/file/attachment.php?id=3694" data-fileid="3694" rel="">another_farcry2_trainer.rar

  • Hello Paddy,


    That is just a riskware detection not a virus/trojan/... detection. The only purpose of this detection is to inform people of a certain application that can cause harm when you don't have installed them. I don't know if BitDefender will remove the detection of it. What you can do is exclude it or don't let BitDefender scan for riskware.


    virtool means virus construction tool. Here a virus researcher should decide if it's a false detection or not.


    Kind regards,


    Niels

  • Hello Paddy,


    That is just a riskware detection not a virus/trojan/... detection. The only purpose of this detection is to inform people of a certain application that can cause harm when you don't have installed them. I don't know if BitDefender will remove the detection of it. What you can do is exclude it or don't let BitDefender scan for riskware.


    virtool means virus construction tool. Here a virus researcher should decide if it's a false detection or not.


    Kind regards,


    Niels


    Thanks for the reply.


    I think BitDefender considers the file to be more than "riskware", because it deletes it the moment I extract it from the archive without asking me. I'd imagine if it was riskware I would simply be altered, then asked if I permit the application to execute.


    I found another trainer that doesn't give any alerts, however, so I'm not in any rush to have this one solved :P


    Cheers!

  • rootkit
    rootkit ✭✭✭

    Please wait for a Virus Researcher ;)

  • Hello Paddy,


    Some trainers could contain trojans. But you have downloaded it from a legitimate website. I don't say that that website can't be compromised. I don't know if the same actions are applied on riskware than on other infections. I think that it automatically deletes it. But I am not 100 % sure about it. When I once had installed a trainer the same file as yours was automatically deleted. You can try to change the actions that should be taken on infections and see if riskware now isn't deleted anymore. Glad that you appreciated my reply. You are welcome.


    Kind regards,


    Niels