I ran a full system scan today and Spyware Doctor reported that it had found 41 hidden files. When I check the list I found that the files it had detected were components of World of Warcraft. I thought I'd best let you guys know.

Version Information

Product Version 6.1.0.447

Database Version 6.13750

AntiVirus Engine 6.1.0.50

History

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\BackgroundDownloader.exe
23/11/2009 2:53:59 PM:843

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\Battle.net.dll
23/11/2009 2:54:00 PM:93

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\Blizzard Updater.exe
23/11/2009 2:54:00 PM:203

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\BNUpdate.exe
23/11/2009 2:54:04 PM:109

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\dbghelp.dll
23/11/2009 2:54:04 PM:187

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\DivxDecoder.dll
23/11/2009 2:54:04 PM:281

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\ijl15.dll
23/11/2009 2:54:29 PM:703

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\Launcher.exe
23/11/2009 2:54:30 PM:203

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\Microsoft.VC80.CRT.manifest
23/11/2009 2:54:30 PM:250

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\msvcr80.dll
23/11/2009 2:54:30 PM:312

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\Patch.html
23/11/2009 2:54:30 PM:359

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\Patch.txt
23/11/2009 2:54:31 PM:62

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\Repair.exe
23/11/2009 2:54:31 PM:140

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\Scan.dll
23/11/2009 2:54:31 PM:781

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\unicows.dll
23/11/2009 2:54:32 PM:203

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.0.1-to-3.0.2-enUS-Win-Update-downloader.exe
23/11/2009 2:54:32 PM:296

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.0.2.9056-to-3.0.3.9183-enUS-downloader.exe
23/11/2009 2:54:32 PM:406

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.0.2.9056-to-3.0.3.9183-enUS-patch.exe
23/11/2009 2:54:32 PM:578

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.0.3.9183-to-3.0.8.9464-enUS-downloader.exe
23/11/2009 2:54:32 PM:671

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.0.3.9183-to-3.0.8.9464-enUS-patch.exe
23/11/2009 2:54:32 PM:843

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.0.8.9464-to-3.0.8.9506-enUS-downloader.exe
23/11/2009 2:54:32 PM:968

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.0.8.9464-to-3.0.8.9506-enUS-patch.exe
23/11/2009 2:54:33 PM:109

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.0.8.9506-to-3.0.9.9551-enUS-downloader.exe
23/11/2009 2:54:33 PM:218

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.0.8.9506-to-3.0.9.9551-enUS-patch.exe
23/11/2009 2:54:33 PM:406

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe
23/11/2009 2:54:33 PM:562

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.1.0.9767-to-3.1.1.9806-enUS-downloader.exe
23/11/2009 2:54:33 PM:640

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.1.0.9767-to-3.1.1.9806-enUS-patch.exe
23/11/2009 2:54:33 PM:828

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.1.1.9806-to-3.1.1.9835-enUS-downloader.exe
23/11/2009 2:54:33 PM:953

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.1.1.9806-to-3.1.1.9835-enUS-patch.exe
23/11/2009 2:54:34 PM:109

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.1.1.9835-to-3.1.2.9901-enUS-downloader.exe
23/11/2009 2:54:34 PM:203

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.1.1.9835-to-3.1.2.9901-enUS-patch.exe
23/11/2009 2:54:34 PM:375

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe
23/11/2009 2:54:34 PM:500

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.1.2.9901-to-3.1.3.9947-enUS-patch.exe
23/11/2009 2:54:34 PM:625

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe
23/11/2009 2:54:34 PM:718

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-patch.exe
23/11/2009 2:54:34 PM:890

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe
23/11/2009 2:54:35 PM:0

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-patch.exe
23/11/2009 2:54:35 PM:171

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe
23/11/2009 2:54:35 PM:421

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-patch.exe
23/11/2009 2:54:35 PM:781

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\Wow.exe
23/11/2009 2:54:35 PM:984

Threat Name - Hidden Files
Type - File
Risk Level - High
Infection - F:\Program Files\World of Warcraft\WowError.exe

The info has been passed on to the MRC team to investigate. Will get back to you shortly.

There have been four updates since I posted this way hasn't this been fixed?

There have been four updates since I posted this way hasn't this been fixed?

We've installed WOW and gave this a test, but SD did not detect any files. Is it possible that you zip up 1 or 2 of the files being detected and attach it with your next reply?

From what you have provided above, it seems SD has detected 41 hidden files. WOW should not have any hidden files from what we can see.

Ok here are some of the files. What version of WoW did you install, was it just WoW without its two expansion packs and did you patch it?

I am having same problem.
My spyware doctor attempts to fix the problem by deleting or quarintineing
mentioned files.
Then i cant log into wow, my laucher is wiped and so r rest of files.
I have to reload the installer and patches.
When i get to 3.2, 10% in, it freezes my system.
This is probably when these files r being installed.
So i let systm sit for like 10 mins to see what the prob was, error popped up about pc tools spyware doctor.
My fix , I shutdown my spyware and started the download over again, this time w/ no probs.
Back in game , this lasts for about a week, then poof!, launcher gone again, along w/ all files mentioned above.
Im on my 5th week of this.
Need a fix please.
My only other option is just cancel this spyware and get another.

Thanks for the files. We will analyze these today and will get back to you asap.

Is the World of Warcraft directory (c:\program files\World of Warcraft\) hidden? and does it always stay hidden?

No the World of Warcraft directory is not hidden.

One other thing I forgot to mention:
What OS are you running on?
Are you using any folder or password protection software? (eg, DesktopSafe or something similar)
Is this the latest version of WOW with the latest Patch?
Do you have any other security apps installed?

I'm running on Windows Vista with my WoW files in the c:/users/public/games folder and this keeps happening to me as well. Very frustrating to have to re-install the game again. Hope to see a fix for this soon.

The OS I'm Running is Windows XP Home Edition Service Pack 3 and I have the latest version of WoW which is 3.2.2.10505. I also have both of WoW's expansion packs installed, The Burning Crusade and Wrath of the Lich King. I don't use DesktopSafe or anything like it but I have McAfee Total Protection installed but I've been running it alone side Spyware Doctor for more then a year now and its never caused any problems like this.

I have been having the same problem with my World of Warcraft files. I am using Window XP. I do not have any other antivirus installed other than PC tools Spyware Doctor. I am also behind a firewall.

I only have had to reinstall WoTLK expansion for Wow to work again, but it still is a pain to do, and hope I don't need to make a habit of it. After I have relogged in to WoW, I then create a back up folder and copy the whole World of Warcraft folder and stick it in another place. It still take a bit for the folders to copy over but it works so far.

The date this happened is Dec 1st, 2009

I'm not sure if I see a pattern but it seems to happen on a Tuesday after WoW's patch day.

Hi Guys,

Could you confirm the version of SD installed?

GunShip03, I see that you mention using SD v6, could you please upgrade to SD v7 (http://www.pctools.com/forum/showthread.php?t=61050) and see whether you can reproduce this problem.

Finally, we managed to recreate the problem with SDv6 :D
The problem doesn't occur with SDv7, so all you need to do is upgrade to the latest version of Spyware doctor to address this problem.

For more info on Spyware Doctor v7, please click here (http://www.pctools.com/forum/showthread.php?t=61050).

Why can't you just fix version 6?

Why can't you just fix version 6?

The reason behind releasing new versions/upgrades is because it includes bug fixes from previous versions and also includes enhancements/improvements to the product to keep up to date with the latest threats. If we were to fix this in version 6, then version 6 would become version 7 ;) If the bug was found with v7, then we'd fix this and push out the fix in a newer version.
Is there a reason why you wish to continue using version 6?

I am having same problem.
My spyware doctor attempts to fix the problem by deleting or quarintineing
mentioned files.
Then i cant log into wow, my laucher is wiped and so r rest of files.
I have to reload the installer and patches.
When i get to 3.2, 10% in, it freezes my system.
This is probably when these files r being installed.
So i let systm sit for like 10 mins to see what the prob was, error popped up about pc tools spyware doctor.
My fix , I shutdown my spyware and started the download over again, this time w/ no probs.
Back in game , this lasts for about a week, then poof!, launcher gone again, along w/ all files mentioned above.
Im on my 5th week of this.
Need a fix please.
My only other option is just cancel this spyware and get another.

SD ran scan intelligent scan this afternoon, I accepted results (since it always comes up w/large number of hits which such as advert tracking cookies, etc.), but noticed that SD wanted to reboot afterward, first time for that. I didn't reboot, but found that World of Warcraft launcher was missing, and a number of files from the install had been deleted. Am trying to undo the damage, but will have to uninstall SD if I cannot do so and have to reinstall everything. I'm running WinXP, only using PC Tools security products at this time.

I am having same problem.
My spyware doctor attempts to fix the problem by deleting or quarintineing
mentioned files.
Then i cant log into wow, my laucher is wiped and so r rest of files.
I have to reload the installer and patches.
When i get to 3.2, 10% in, it freezes my system.
This is probably when these files r being installed.
So i let systm sit for like 10 mins to see what the prob was, error popped up about pc tools spyware doctor.
My fix , I shutdown my spyware and started the download over again, this time w/ no probs.
Back in game , this lasts for about a week, then poof!, launcher gone again, along w/ all files mentioned above.
Im on my 5th week of this.
Need a fix please.
My only other option is just cancel this spyware and get another.

Just confirmed that a great number of WoW files have been deleted by SD. Don't understand why, as have been using for over a week w/no problem. Will try to reinstall, will check if SD blocks install or deletes folders again.

Ok, I have the newest version of Spyware doctor w/ antivirus installed. I cannot play in the games that I run (WoW and Ragnarok) due to the same step freeze step freeze junk as described in a previous post. It also affects some content (videos) when I'm online. I do not know enough about computers to tell you where the problem is, but I do know that Spyware is taking up way too much CPU usage and killing my chances to play (I'm a college student we have little time). I turned off Itelliguard, hit the game mode, and still have problems. Please fix this. I like Spyware Doctor - it has saved my rear innumerable times, but I need to play (I'm a crazy collector chick..missing chances for stuff makes me berry mad). If someone could fix this or give me a way to run my games and still be protected, I'd greatly appreciate it.


:)

Hi Guys,

If you are experiencing problems with WOW, could you please confirm the version number of Spyware Doctor that is installed on your system?

I am currently running Product Version 7.0.0.513 / Database version 6.13870 / and Anti-virus version 7.0.0.92

I just tried to log on to WoW after updating it and checking for updates on Spyware Doctor, and I still have the same problem. If you need more info, let me know.




:)

I am currently running Product Version 7.0.0.513 / Database version 6.13870 / and Anti-virus version 7.0.0.92 and that worked for 3.2. i havent had a prob till today, 3.3 hit.
same story cept now i get to 70% download then system freezes.
I shut down threatfire and got it to download.
Now i get all the way to login screen and it crashes.
U know, this all started when we had to convert to battlenet, bout a month ago.

At the risk of being obvious, have the folks still having problems with WoW tried running Blizzard's repair utility (http://us.blizzard.com/support/article.xml?locale=en_US&articleId=21020&parentCategoryId&pageNumber=1&categoryId=2334)? It's meant to scan for corrupt WoW files, and fix them if it can.

Not suggesting that it's not SD's fault, but checking the warcraft files are all valid will remove one possible problem.

I've been experiencing these issues as well. With all the WoW patch woes today I ran the repair tool earlier just for good measure and it found no problems. I'm only running Treatfire 4.7.0.11 but have resolved to disabling it when using anything blizzard related. Whether it's the downloader, patches, launcher links, and now with 3.3 going live even logging into the game causes TF to completely lock up my system or if i'm lucky it will just "stop working" without forcing a hard reboot.

I've been experiencing these issues as well. With all the WoW patch woes today I ran the repair tool earlier just for good measure and it found no problems. I'm only running Treatfire 4.7.0.11 but have resolved to disabling it when using anything blizzard related. Whether it's the downloader, patches, launcher links, and now with 3.3 going live even logging into the game causes TF to completely lock up my system or if i'm lucky it will just "stop working" without forcing a hard reboot.

That might be something worth trying, for the other guys & gals too.

If you're not running TF itself, you may still want to try turning off BehaviorGuard via your MyAccount (http://www.pctools.com/forum/showthread.php?t=48180) page (NOTE: disabling on the SD IntelliGuard settings screen is not enough). Once you've done that, you'll need to start a Smart Update, for SD to notice the account changes.

There are some existing problems with TF/BehaviorGuard with the anti-cheat systems of some games. Maybe WoW just added itself to that list, with its recent round of updates?

Not ideal to turn it off, but if it does stop the problems, it will show where to start fixing things.

We have isolated this issue.

Turns out that the process triggers an alert. We want to know what type of alert to throw (Yellow, white, or none at all) but get stuck becuase of some memory addressing issues. We have fixed these and are probably going to create another build iteration as a result.

This will get pushed out to both Behavior Guard users and ThreatFire users alike.

The timeline on this is still up for grabs, although "soon" is what we're thinking, but for now this is where we're going.

-ebennett

I have to disable intelliguard before playing world of warcraft - if left on, it causes my whole PC to crash.