lvl4f Posted June 5, 2024 Posted June 5, 2024 (edited) I am writing to the people involved in the development of this module, hoping for a prompt response to my problem. After a while I install DCS from scratch, I download my modules, and when I go to run the simulator, Windows Defender tells me about an existing threat, why is this happening?. For security reasons, I have uninstalled the module and used several tools to eradicate the threat, but it is still active... it is really a headache. I attach a photo. Edited June 5, 2024 by lvl4f
lvl4f Posted June 5, 2024 Author Posted June 5, 2024 2 minutes ago, razo+r said: Highly likely a false positive. Do you work at Razbam? How can you assure me that it is a false positive?. 1
Rudel_chw Posted June 5, 2024 Posted June 5, 2024 6 minutes ago, lvl4f said: How can you assure me that it is a false positive? We can't .. so if you trust your AV more than you trust ED & RB, then just refrain from using that Module and send the DLL to Microsoft to ask for confirmation that it is indeed a virus. 4 For work: iMac mid-2010 of 27" - Core i7 870 - 6 GB DDR3 1333 MHz - ATI HD5670 - SSD 256 GB - HDD 2 TB - macOS High Sierra For Gaming: 34" Monitor - Ryzen 3600 - 32 GB DDR4 2400 - nVidia RTX2080 - SSD 1.25 TB - HDD 10 TB - Win10 Pro - TM HOTAS Cougar Mobile: iPad Pro 12.9" of 256 GB
razo+r Posted June 5, 2024 Posted June 5, 2024 14 minutes ago, lvl4f said: Do you work at Razbam? No 14 minutes ago, lvl4f said: How can you assure me that it is a false positive?. I cannot assure you anything, not even your Anti Virus is sure. It says it's potentially and not that it's confirmed. Besides, you can count the amount of people who had gotten a likely false positive with one hand (or maybe two...). So again, the likelyhood of it being a false positive is very high. 3
BJ55 Posted June 5, 2024 Posted June 5, 2024 Did RB used VMProtect for their dll's? I7-12700F, 64GB DDR4 XMP1 3000MHz, Asus Z670M, MSI RTX 3070 2560x1440 60Hz, TIR 5, TM WH VPC base, TM rudder, Win10 Pro
zildac Posted June 5, 2024 Posted June 5, 2024 Do you work at Razbam? How can you assure me that it is a false positive?.Numerous threads on this, it's an FP. 2 14900KS | Maximus Hero Z690 | ASUS 4090 TUF OC | 64GB DDR5 6600 | DCS on 2TB NVMe | WarBRD+Warthog Stick | CM3 | TM TPR's | Varjo Aero
Catalinasgrace Posted June 8, 2024 Posted June 8, 2024 (edited) I just installed the trial of it this evening and didn't get any warnings about it... Edited June 8, 2024 by Catalinasgrace
lvl4f Posted June 8, 2024 Author Posted June 8, 2024 Thanks to the excellent support from eagle dynamics, my problem was resolved, so you can mark this post as solved, thank you very much. 1
Greyman Posted June 13, 2024 Posted June 13, 2024 I've just received what are probably false positive reports on AV8B_FM.dll and M2KC_FM.dll, from a full scan of my system. If they are false positives however, maybe someone at RAZBAM or ED ought to check why these reports are suddenly occurring, when there's not been a sniff of any issues for years?
Slippa Posted June 13, 2024 Posted June 13, 2024 Touch wood so far, all my RB bits are as they should be. Haven’t had anything pop up and have flown them recently. Good luck with clearing it up.
Greyman Posted June 13, 2024 Posted June 13, 2024 Well I've just updated DCS, to the latest version, and both aircraft seem to be working OK, despite me having real-time AV scanning activated, so maybe that's sorted it. A full scan of my system takes and age, so if I can't figure out how to just point a scan at the DCS folder and as they are/were very likely to be false positives anyway, I'll probably not repeat the scan just yet.
zetikka Posted June 14, 2024 Posted June 14, 2024 On 6/13/2024 at 3:24 PM, Greyman said: I've just received what are probably false positive reports on AV8B_FM.dll and M2KC_FM.dll, from a full scan of my system. If they are false positives however, maybe someone at RAZBAM or ED ought to check why these reports are suddenly occurring, when there's not been a sniff of any issues for years? Add to that the F-15E module also started triggering walware reports a couple days ago on its DLL (including on my machine). All this on Razbam modules only, and within a short span of time. Either something on the shared code used by Razban modules suddenly started showing as suspect to antivirus software (maybe a similar threat was added to malicious code databases that looks like Razban's code), of something less neat is going on. EHC Display Team
esb77 Posted June 15, 2024 Posted June 15, 2024 F-15 E latest update triggered Norton antivirus on my machine and it helpfully removed ARF.dll from the F-15 module with bothering to ask me. Cited the threat as Trojan.Gen.MBT Callsign "Auger". It could mean to predict the future or a tool for boring large holes. I combine the two by predictably boring large holes in the ground with my plane.
mikko.1842 Posted June 16, 2024 Posted June 16, 2024 Just teach your AV that DCS is an exception... ...or disable your AV... ...or don't use any AV #geniusidea
TORC Posted August 10, 2024 Posted August 10, 2024 Windows Defender found Trojan:Win32/Wacatac.B!ml today when I updated to DCS 2.9.7.58923 using Steam in the following files: \SteamLibrary\steamapps\downloading\223750\Mods\aircraft\AV8BNA\bin\AV8B_CPT.dll \SteamLibrary\steamapps\downloading\223750\Mods\aircraft\M-2000C\bin\M2KC_CPT.dll Given recent events I have elected to not install the M2000 or AV8B until this issue is resolved. Do you use VR? Do you feel sad when you are just a dismbodied set of eyes floating in the cockpit? Check out my list of paid aircraft modules that support the visible virtual pilot body:
TORC Posted August 12, 2024 Posted August 12, 2024 Issue with false positive for AV-8B and M2000 CPT.dll files now resolved - install OK and working OK, no viruses detected. 1 Do you use VR? Do you feel sad when you are just a dismbodied set of eyes floating in the cockpit? Check out my list of paid aircraft modules that support the visible virtual pilot body:
Recommended Posts