Just Double Checking "False Positive?"
user9999
04-10-2008, 01:58
Hello,
Unless I missed it, I do not see any recent posts (Sept/Oct 2008) regarding this problem. My apologies for double posting if I am incorrect.
Teamspeak2 RC2 2.0.33.7 running fine until last week.
We started having "choppy" voices while we were all talking in our server. Never been a problem before. Running on a server (2.0.24.1) in our home, for gaming guild. Only mentioning these details fyi.
This evening when I went to start up the TS client, Windows popped up a message that the .exe did not exist at the shortcut's location. Closed the message and tried a few more times. Same thing.
Went into the directory and started the program direct from the .exe there.
AVG anti-virus (ver 7.5.526) popped up with Infected message, "Trojan Horse BackDoor.Generic10.MLD". I selected "heal" first. Tried again, same thing, this time quarantined for future info.
Came back to download the "updated executable" again, and when I selected download, AVG popped again. I stopped the download and chose the EU mirror, same thing. Had the original full install put away elsewhere, reinstalled, no problem.
AVG updated today for me (Virus base: 270.7.5/1706 dated 10/03/2008). I am only posting here to confirm "my suspicions" that the new definitions are causing a false positive.
Anyone that can confirm this for me? Thanks for your time. :) If more information is needed, let me know. Might not be back for 24 hrs. to the forums though. Staff can email if needed.
flynnagin
04-10-2008, 03:09
I had the exact same problem today (updated AVG, found the same "trojan" in the teamspeak 2 .exe file).
user9999
04-10-2008, 03:12
Well good to know that someone else has spotted this. Issues like this drive me nuts until I get a confirmation one way or the other.
I was going to go to AVG, but realized that they will only say to come back to TS, so no point until Staff posts here I guess.
Thx for replying though. :)
Zanzaras
04-10-2008, 03:14
Same here. Got home tonight and started to crank up TS for some gaming and got the trojan warning from AVG.
Sounds like it is a false positive because ThreatFire didn't respond in kind.
user9999
04-10-2008, 03:35
Agree Zanzaras.
However, after I sat and thought for a moment, I realized one thing that caused a doubt. Could be that the virus definitions were not able to detect it before today as well. :(
In addition to what I noted in the "fyi" in top of my post, is that my system had slowed down terribly the last 2-3 days. This caught my attention because I just ordered and installed another 2g of ram the week before to feed Warhammer. (Saw a noticeable difference in game and fixed most of the issues.) But then this slow sluggish feeling cropped up in windows as well as the game, after I had upgraded, in the last 2-3 days.
Hopefully, it is just what we would expect, a false positive and the recent game patch. :)
Hockster
04-10-2008, 04:50
I've got the same issue as well. Out of the blue AVG decided teamspeak is a trojan. AVG had a similar issue with the Age of Conan launcher about a week ago. I'm losing faith in it as a viable antivirus option.
user9999
04-10-2008, 05:05
I just went to search thru "virus definitions" on each of 3 providers' sites and this trojan variation is not coming up yet. Notice the file name is labeled *.MLD? None of the libraries I've searched so far have this one. I've searched McAfee, Norton and AVG. Double check me please?
I would prefer to know it's just a false positive; however, with the few inconsistencies I've mentioned in my posts above, I have an unsettled feeling about it.
Does anyone know if the TS Staff follow these forums or are we supposed to email them with a question like this? Might also help if anyone with a different anti-virus could post here.
Thanks :)
user9999
04-10-2008, 05:27
Just an update. I've posted in AVG forums as well now (user name formernavuser), to see if anyone there knows/heard anything so far.
Same issue here with AVG 8... even when downloading client from TS website to reinstall, AVG immediately pops up to say teamspeak.exe is infected with 'Trojan horse BackDoor.Generic10.MLD'
I think it's a false positive.
This is a false positive - meaning that there has never been any malicious code in the TS2 client software. Here's the thread in the AVG forums related to this topic (I believe that's the thread user9999 mentioned):
http://freeforum.avg.com/read.php?4,150324,150341
I think the issue will be resolved with one of the next definition updates.
user9999
04-10-2008, 13:08
ScP,
Yes, the link you have referred to is mine. I forgot I had an old user name there. I will edit my original post here after this.
I'm afraid though, that I received a hand-slapping for posting in a general forum "AVG 7.5 - Other Issues", instead of posting under "Removing Viruses...etc", as you must have read further in the thread, and my post was moved there instead. (Kind of odd to me, that they label a forum Removal of Viruses.. etc and stick False Positives under that heading.)
Unfortunately, I don't have the expertise to follow those instructions so I will have to wait it out.
My hopes were that someone on TS Staff could test the file download here, until AVG updates again. Then we would have both confirmations. In the meantime, I will run version 2.0.32.60 of the client. Unless you recommend something different?
Thank you for your time and can't wait for TS3! :)
user9999
04-10-2008, 20:01
I believe the problem has been resolved. I have tried to download the "updated executable" this morning and no trojan detection.
Unfortunately, AVG did not find it important enough to post back to my thread that they had fixed the problem.
user9999
05-10-2008, 03:20
Well I'm back again with an update.
I re-downloaded the "updated executable" this morning when I tested to see if AVG had fixed the "false positive". As I mentioned, no virus detected then.
However, just now I have tried to log into TS and received the same windows popup stating the shortcut target did not exist. Although this morning, I only deleted the downloaded file in the virus vault (quarantined from different location than TS directory) it also deleted the .exe from the TS directory as well. I verified this by checking the virus vault and the entry was still sitting there not deleted yet. ;-/
So I repeated the steps again. Re-installed the older version, started it up and no popups. Then installed the updated .exe next. However, when I try to use the updated .exe, I now get a Win Security Warning, "Open File - Security Warning": "This publisher could not be verified...." Publisher: Unknown Publisher
I used digest it to check the files and they're ok.
So, now I remember that within a day or so of AVG's update, I also received a Windows update for defender. Maybe this is all starting from there?
I realize I can still run the program, if I select "Run" from the windows security pop-up. I just find it frustrating trying to understand what causes what, because no one ever wants to "fess up" to anything.
ScP, if you're still reading this thread, is it possible to update your .exe so it shows as a verified publisher? (Sorry if that is an ignorant question)
It does still appear that only AVG is reporting this way. So I don't want anyone to misinterpret my post. I am not saying teamspeak is infected. I'm just trying to find out what is being read by AVG, in this program, erroneously.
Been getting this with AVG myself, running Windows Vista.
Had to disable the resident shield in order to run TeamSpeak.
I hope AVG patches this soon.