ophiuchus Posted February 22, 2020 Posted February 22, 2020 As stated above, ESET shows that I16FM.dll is infected with Win64/Packed.VMProtect.IR. I tried repairing but it doesn't help even when set to download through HTTP.
Japo32 Posted February 22, 2020 Posted February 22, 2020 (edited) Same here! here is also what virustotal says about it: https://gyazo.com/505ce46ffa32db1dcdd75a7882905b7e will deactivate the plane until this is safe.... was in the hotfix update. Previously it was ok. It has been said that there are infections in latest updates in world.dll and DCS.exe files. Edited February 22, 2020 by Japo32
VirusAM Posted February 22, 2020 Posted February 22, 2020 I16FM.dll is reported as infected with malware Its behavioral...it says ony that it is packed. Packed means that the coders don’t want to make it easy for others to analyze/reverse engineering the dll. By it self it does not mean the file is a malware. Many malwares are packed in order to make it difficult for the defenders to analyze it, but also many legitimate programs are packed because of copyright reasons. Vmprotect is one of the best packers and the most difficult to defeat R7-5800X3D 64GB RTX-4090 LG-38GN950 N/A Realsimulator FFSB MKII Ultra+F-16 grip+F/A-18 grip, VKB Stecs Max, VKB T-Rudder MKV, Razer Tartarus V2 Secrets Lab Tytan, Monstertech ChairMounts
zebra0312 Posted February 22, 2020 Posted February 22, 2020 After a restart even Windows Defender has a problem with it, if someone is surprised by not passing the Integrity Check next time. Servus! :smilewink: My DCS:World-Modules: A-10C, UH-1H, F-86F, Fw-190D9, MiG-21bis, P-51D, Mi-8MTV2,Bf-109K4, MiG-15bis, L-39C, Hawk, NTTR, Mirage 2000C, SA342M Gazelle. Wishlist: P-40, F-104G/S, Saab J-35 Draken, A-1H Skyraider, Su-17/22M4. :music_whistling:
ED Team BIGNEWY Posted February 23, 2020 ED Team Posted February 23, 2020 It is a false positive, please add dcs to your exclusion or wait for your antivirus definitions to update. thank you Forum rules - DCS Crashing? Try this first - Cleanup and Repair - Discord BIGNEWY#8703 - Youtube - Patch Status Windows 11, NVIDIA MSI RTX 3090, Intel® i9-10900K 3.70GHz, 5.30GHz Turbo, Corsair Hydro Series H150i Pro, 64GB DDR @3200, ASUS ROG Strix Z490-F Gaming, PIMAX Crystal
Raisuli Posted February 25, 2020 Posted February 25, 2020 It is a false positive, please add dcs to your exclusion or wait for your antivirus definitions to update. thank you That's what they all say. First it's 'false positive', then they give you an address to send all your Rubles...though given the state of the Ruble maybe not... :music_whistling: :pilotfly:
FireCat Posted February 26, 2020 Posted February 26, 2020 I find it worrying as well. Why is it identified as a trojan if it is not using the characteristics of a trojan?
Raisuli Posted February 26, 2020 Posted February 26, 2020 I find it worrying as well. Why is it identified as a trojan if it is not using the characteristics of a trojan? This is not uncommon, and goes back to the way virus scanners really work; it's not like they do DNA testing. One of my companies new releases triggered an algorithm once; took a little wile to get it resolved. Honestly, there's not much to worry about. It's an annoyance, and as BN says, you can call it safe, or you can wait for the scanners to update. The latter is 'safer' if you don't fly the I16 every day. I know how virus scanning works and lately I've been crashing helos when I need a break, so I'm waiting for the scanner to update.
Mars Exulte Posted February 27, 2020 Posted February 27, 2020 I find it worrying as well. Why is it identified as a trojan if it is not using the characteristics of a trojan? Because it's not that simple and straightforward? Де вороги, знайдуться козаки їх перемогти. 5800x3d * 3090 * 64gb * Reverb G2
Laxxor Posted December 23, 2021 Posted December 23, 2021 Hi I know this topic is a year old but just tonight eset again flagged this as the same vmprotect. Seems odd that something that has been working fine for ages and that i fly regularly and has received no updates FOREVER... suddenly has characteristics that are flagging a positive, false or otherwise... Anyone else seeing same?
Japo32 Posted December 23, 2021 Posted December 23, 2021 (edited) I have found a problem with that file. It is recognized as malware by eset antivirus. So it removes and then the new update cannot continue... @BIGNEWY can you put a little of light in this please? I didn't have any problem before with this module. Edited December 23, 2021 by Japo32 1
ED Team BIGNEWY Posted December 23, 2021 ED Team Posted December 23, 2021 Hello, it will most likely be a false positive. You can either exclude it from your antivirus, or submit the file to your antivirus provider for inspection. We have not had any issues with our testers reporting it as a problem. thanks Forum rules - DCS Crashing? Try this first - Cleanup and Repair - Discord BIGNEWY#8703 - Youtube - Patch Status Windows 11, NVIDIA MSI RTX 3090, Intel® i9-10900K 3.70GHz, 5.30GHz Turbo, Corsair Hydro Series H150i Pro, 64GB DDR @3200, ASUS ROG Strix Z490-F Gaming, PIMAX Crystal
sthompson Posted December 24, 2021 Posted December 24, 2021 5 hours ago, BIGNEWY said: Hello, it will most likely be a false positive. You can either exclude it from your antivirus, or submit the file to your antivirus provider for inspection. We have not had any issues with our testers reporting it as a problem. thanks Eset's real time file protection deletes the file before the updater even completes, so there is no file to submit. And "most likely" isn't exactly reassuring. Sounds like you are making an educated guess. 1 I'm Softball on Multiplayer. NZXT Player Three Prime, i9-13900K@3.00GHz, 64GB DDR5, Win 11 Home, Nvidia GeForce RTX 4090 24GB, TrackIR 5, VKB Gunfighter III with MCG Ultimate grip, VKB STECS Standard Throttle, CH Pro pedals
Recommended Posts