Virus Report crashing The Quest and its expansions

Can anyone please help me?
I can no longer play The Quest or its many excellent expansions. This may be coincidental but ever since I downloaded the Basiliks Eye expansion the Mcaffee virus protection programme I have on my PC keeps crashing the game stating that it has stopped a virus attacking my machine. The virus is allegedly located in c:\Program Files (x66)Steamapps\common\The Quest\The Quest exec. Real Protect - SS!8EF4F129E3D.
I am certain that Cat and co. would not release an expansion with a virus on it but I only get this happening with the expansions from Thor's Hammer onward. The Quest base game and Islands of Ice and Fire do not cause this.
I would be grateful for any help or ideas.
DMB (Malcolm)

Comments

  • edited February 7

    You should write elendil@redshift.hu and send him a save file. No one else has reported such a problem. Another possible help might be to uninstall and reinstall Steam. We have no way to look into error messages like that. The engine is handled by Redshift. The Quest exec file in SteamApps\common]TheQuest\TheQuest.exec is the Quest engine application. Not our expansion. We have nothing to do with its programming and can't even open that file.

  • Thank you for your prompt reply. I will do as you suggested.

  • You could also delete the expansion and reinstall but I think the problem is with the engine. It was updated a few times. Maybe you have an older version. Or maybe McAfee is just being ornery. I use Trend Micro and have no problems like that. In any case, sadly there is nothing I can do to help you. Only Elendil can.

  • edited March 31

    @dmb said:
    Can anyone please help me?
    I can no longer play The Quest or its many excellent expansions. This may be coincidental but ever since I downloaded the Basiliks Eye expansion the Mcaffee virus protection programme I have on my PC keeps crashing the game stating that it has stopped a virus attacking my machine. The virus is allegedly located in c:\Program Files (x66)Steamapps\common\The Quest\The Quest exec. Real Protect - SS!8EF4F129E3D.
    I am certain that Cat and co. would not release an expansion with a virus on it but I only get this happening with the expansions from Thor's Hammer onward. The Quest base game and Islands of Ice and Fire do not cause this.
    I would be grateful for any help or ideas.
    DMB (Malcolm)

    I know this is ancient, but incase anyone runs into this again, i want to drop an answer:

    The executable code in the expansions is only executable through TheQuest.exe and TheQuestEditor.exe and these two programs are not identified by your antiviruses as viruses. This is known as a "false positive." That's the short and simple answer.

    The longer answer is that antiviruses have 2 methods of identifying viruses. There's the "signature" method and the "heuristics" method. With heuristics, antiviruses tend to be overzealous and attack any file that's not on a white list that engages in what it considers "risky behavior." This would require that the the antivirus be able to read and parse the files as executables, which isn't possible with expansions. The "signature" method is an inherently whack-a-mole style method (and also the most common method) where anti-virus companies get copies of the viruses, then they try to find a series of bytes in the file to call the "signature" hoping that no other file on the internet just so happens to have that same sequence, which is incredibly unlikely (creating an "allergy" type effect, where you end up with a series of safe files that become false positives). The Quests expansions, more specifically, use file formats that could incorproate LZW, DEFLATE, and similar algorithms in order to attempt to save space, but this comes at the cost that the lack of wasted space is more likely to have a collision with an antivirus' signature for a given virus.

    And a little rant on the problems with antiviruses... Heuristics is overzealous and can occasionally target programs you want to keep that are not infectious. The signature method relies entirely on customers reporting suspicious files, then they generate a signature, and a better analogy would be "vaccine" rather than "antivirus" given that rate of false positives, and the likelihood of something getting through undetected ("hackers" have found really easy ways to change files to break the signature detection, and microsoft has found these backdoor features too essential to remove from Windows, so they're not going away any time soon) and also never getting detected, kind of like how the flu vaccine never ends up working in practice (never better than about 50% according to the CDC). I have a very unpopular opinion that these things are mostly worthless, unless in a corporate environment or you're into the mainstream seedy stuff (largely because protection is based on detecting what someone else got, so if you're in seedy places you'll likely only get hit with things other people got hit with). These things generate a false sense of security, and you are not protected against more targeted attacks. If I were to make a virus and you downloaded it from here, since it'd be localised to this site's relatively small userbase, you'd be in trouble.

    EDIT: And it's for the reason of false positives, it's a common feature in these antiviruses to include an "exception" option. Just make the files an exception.

    A sample of someone else having this problem.

    There's also the email blacklist (which is what a signature method really is) issue that people were having a long, long time ago for spam prevention. Click here for more.

Sign In or Register to comment.