Jump to content

[FALSE POSITIVE] Kaspersky warning about Trojan-Ransom.Win32.Foreign.gen in world.dll

BaD CrC

By BaD CrC
in General Bugs

 Share

Recommended Posts

oldcrusty

oldcrusty

Posted
Posted (edited)
For what it's worth, i ran World.dll and WorldGeneral.dll through the Kaspersky online virus checker. Both came up green.

Did the same on VirusTotal where resp. 5 and 4 out of 68 scanners detected them as malware (BitDefender and Kaspersky came both up green).

If you then look into details, there is not much going on beside that the files are not signed.

 

That's what my AV was alarmed about. What the hell ED? Sign them next time :D

 

I think I'll give up torrent d/l until I enlighten myself on how this process works.


Edited by Gripes323
Link to comment
Share on other sites
  • ED Team
BIGNEWY

BIGNEWY

Posted
  • ED Team
Posted

This is a false positive, if you are happy please add DCS to your whitelist or wait for your antivirus definitions to update.

 

thanks

smallCATPILOT.PNG.04bbece1b27ff1b2c193b174ec410fc0.PNG

Forum rules - DCS Crashing? Try this first - Cleanup and Repair - Discord BIGNEWY#8703 - Youtube - Patch Status

Windows 11, NVIDIA MSI RTX 3090, Intel® i9-10900K 3.70GHz, 5.30GHz Turbo, Corsair Hydro Series H150i Pro, 64GB DDR @3200, ASUS ROG Strix Z490-F Gaming, HP Reverb G2

Link to comment
Share on other sites
Quadg

Quadg

Posted
Posted

i think they are changing their DRM system.

 

and its the new DRM that is setting off all the false positives (DRM and virus have a lot in common)

 

they are talking to the supplier of the DRM about all the false positives.

 

edit : ninja'd by bignewy

My Rig: AM5 7950X, 32GB DDR5 6000, M2 SSD, EVGA 1080 Superclocked, Warthog Throttle and Stick, MFG Crosswinds, Oculus Rift.

Link to comment
Share on other sites
  • 2 weeks later...
Wiesel02

Wiesel02

Posted
Posted

sharing the pain..

 

Same here, last week it was mainly "I16FM.dll", today it's been "World.dll" first after today's update, then restoring that file, restart PC, and now it's the "F14-HeatblurCommon.dll"... :music_whistling:

Link to comment
Share on other sites
  • ED Team
c0ff

c0ff

Posted
  • ED Team
Posted
How safe is torrent download?

 

Absolutely safe. The hashes of what should be downloaded come from our servers (digitally signed of course). The source of data is not important after that - if it does not match the hash it will be rejected.

Dmitry S. Baikov @ Eagle Dynamics

LockOn FC2 Soundtrack Remastered out NOW everywhere - https://band.link/LockOnFC2.

Link to comment
Share on other sites
fasteddie1

fasteddie1

Posted
Posted

Virus detected by Bitdefender after update

 

I updated to version 2.5.6 yesterday and was surprised to see another update today I believe it was 718GB.

 

After installation Bitdefender displayed this warning:

"The file E:\Program Files\Eagle Dynamics\DCS World OpenBeta\bin\World.dll is infected with Gen:Variant.Ursu.768621 and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean"

 

How do I roll back this update?

Link to comment
Share on other sites
oldcrusty

oldcrusty

Posted
Posted
Absolutely safe. The hashes of what should be downloaded come from our servers (digitally signed of course). The source of data is not important after that - if it does not match the hash it will be rejected.

 

Cool, thanks. Used it today with no alarms from AV

Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...