Jump to content

[FALSE POSITIVE] Kaspersky warning about Trojan-Ransom.Win32.Foreign.gen in world.dll

BaD CrC

By BaD CrC
in General Bugs

 Share

Recommended Posts

Oceandar

Oceandar

Posted
Posted
I use ESET as well, and it shows that I16FM.dll is infected with Win64/Packed.VMProtect.IR.
Hmm... thats weird. I'm using ESET Internet Security. Always with the latest update.

Mastering others is strength. Mastering yourself is true power. - Lao Tze

maxTRX

maxTRX

Posted
Posted (edited)
For what it's worth, i ran World.dll and WorldGeneral.dll through the Kaspersky online virus checker. Both came up green.

Did the same on VirusTotal where resp. 5 and 4 out of 68 scanners detected them as malware (BitDefender and Kaspersky came both up green).

If you then look into details, there is not much going on beside that the files are not signed.

 

That's what my AV was alarmed about. What the hell ED? Sign them next time :D

 

I think I'll give up torrent d/l until I enlighten myself on how this process works.

Edited by Gripes323
  • ED Team
BIGNEWY

BIGNEWY

Posted
  • ED Team
Posted

This is a false positive, if you are happy please add DCS to your whitelist or wait for your antivirus definitions to update.

 

thanks

smallCATPILOT.PNG.04bbece1b27ff1b2c193b174ec410fc0.PNG

Forum rules - DCS Crashing? Try this first - Cleanup and Repair - Discord BIGNEWY#8703 - Youtube - Patch Status

Windows 11, NVIDIA MSI RTX 3090, Intel® i9-10900K 3.70GHz, 5.30GHz Turbo, Corsair Hydro Series H150i Pro, 64GB DDR @3200, ASUS ROG Strix Z490-F Gaming, PIMAX Crystal

Quadg

Quadg

Posted
Posted

i think they are changing their DRM system.

 

and its the new DRM that is setting off all the false positives (DRM and virus have a lot in common)

 

they are talking to the supplier of the DRM about all the false positives.

 

edit : ninja'd by bignewy

My Rig: AM5 7950X, 32GB DDR5 6000, M2 SSD, EVGA 1080 Superclocked, Warthog Throttle and Stick, MFG Crosswinds, Oculus Rift.

Gannet

Gannet

Posted
Posted

Same issue with Bullguard - I16FM.dll

i7 8770 4 16MB RAM Geforce GTX 1070 8GB, Win 10 64, TH Warthog Hotas, Saitek Pedals, TIR5, Woodburning Stove, Dog, Zamberlan boots, P&H Kayak, Getaway Car[sIGPIC][/sIGPIC]

  • 2 weeks later...
Wiesel02

Wiesel02

Posted
Posted

sharing the pain..

 

Same here, last week it was mainly "I16FM.dll", today it's been "World.dll" first after today's update, then restoring that file, restart PC, and now it's the "F14-HeatblurCommon.dll"... :music_whistling:

  • ED Team
c0ff

c0ff

Posted
  • ED Team
Posted
How safe is torrent download?

 

Absolutely safe. The hashes of what should be downloaded come from our servers (digitally signed of course). The source of data is not important after that - if it does not match the hash it will be rejected.

Dmitry S. Baikov @ Eagle Dynamics

LockOn FC2 Soundtrack Remastered out NOW everywhere - https://band.link/LockOnFC2.

fasteddie1

fasteddie1

Posted
Posted

Virus detected by Bitdefender after update

 

I updated to version 2.5.6 yesterday and was surprised to see another update today I believe it was 718GB.

 

After installation Bitdefender displayed this warning:

"The file E:\Program Files\Eagle Dynamics\DCS World OpenBeta\bin\World.dll is infected with Gen:Variant.Ursu.768621 and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean"

 

How do I roll back this update?

maxTRX

maxTRX

Posted
Posted
Absolutely safe. The hashes of what should be downloaded come from our servers (digitally signed of course). The source of data is not important after that - if it does not match the hash it will be rejected.

 

Cool, thanks. Used it today with no alarms from AV

 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...