Страница в магазине
Transport Fever 2
Все Обсуждения Скриншоты Иллюстрации Трансляции Видео Мастерская Новости Руководства Обзоры
Transport Fever 2 > Общие обсуждения > Подробности темы
emisary 1 апр в 16:08
Malwarebytes prevents Transportfever from starting.
TransportFever 2 suddenly stops and after running 1 hour. And then when I want to start it, itt does not.
Then I see Malwarebytes popup.
It blocks icudt61.dll
and says that Malware.AI.3949925928 has been detected in the dll.

Is this a false possitive?

A downloade txt file says:
Malwarebytes
www.malwarebytes.com

-Logboekdetails-
Datum beveiligingsgebeurtenis: 2-4-2025
Tijd beveiligingsgebeurtenis: 00:43
Logbestand: af7d49de-0f4a-11f0-9121-3c6aa7e0cf3a.json

-Software-informatie-
Versie: 5.2.8.173
Versie componenten: 128.0.5184
Update pakketversie: 1.0.97711
Licentie: Premium

-Systeeminformatie-
Besturingssysteem: Windows 11 (Build 22631.5039)
Processor: x64
Bestandssysteem: NTFS
Gebruiker: System

-Details over geblokkeerde malware-
Bestand: 1
Malware.AI.3949925928, E:\steam\steamapps\common\Transport Fever 2\icudt61.dll, In quarantaine, 1000000, 0, 1.0.97711, 6A43178A2D74B045EB6F1628, dds, 03287350, 7D592EB0787BA55C5174AA638185C3B8, B22C0844B0CE7F3884146787FD47835664E435B140C45823E2FD44B976B1D8B8

(end)
< >
Сообщения 112 из 12
numbat 1 апр в 16:45 
I see there was an update to TpF2 recently. I haven't played for a little bit, and when I started it this morning there was an update downloaded. And now my MalwareBytes is doing the same thing.

I very must suspect that it is a false positive. I shall do a little more investigation but I am very confident. I shall report it to MWB as a false positive.

Cheers,
Chris.
#1
numbat 1 апр в 16:56 
So, I don't think that file was updated this morning. I'm checking the file against one of my backups, and the files are identical. I even did an md5sum on them both.

Cheers,
Chris.
#2
emisary 1 апр в 16:58 
I did just do an check in Steam, and it said I missed a file, and corrected it.
When I start the game Malwarebytes blocks it again.
So there is something in it. Really something bad or a false positive.
So I wrote a mail to UrbanGames and will see what comes out of it.
#3
numbat 1 апр в 17:06 
It is very likely a false positive. It happens from time to time with MWB. I am going to add the folder to my allow list in MWB and just accept it.

Cheers,
Chris.
#4
RadiKyle 1 апр в 17:11 
I tossed MWB years ago after it outlived its value, so I can't help there. But AFAIK there haven't been any recent game updates, it's still Build 35924 since Dec. There was a build after that (35925) for UG internal testing but never released to public.

But now I'm wondering if you've accidentally been leaked an advance copy of the TpF2 sequel: "Garden Fever!" (since the game is dominated by ppl making garden screenshots with a train stuck in the middle) 🌿🚆🌳
#5
emisary 1 апр в 18:23 
Garden fever does not ring a bell.
#6
emisary 2 апр в 9:40 
I got a confirmation from Urban Games, that it is a False Positiv.

Hello,

Thanks for getting in touch, and sorry to hear your malware protection is interrupting important transport planning.

In this case it looks very much like a false positive from Malwarebytes. Their Malwarebytes.AI detection system is relatively new and they've been making several updates to the database as a result of it tracking false positives more than usual.

If you want to be doubly certain, a full reinstallation of Transport Fever 2 from Steam/GOG/Epic will guarantee that the dll in question is as intended and hasn't been interfered with. It is a file used within the game and has no nefarious purpose.

Thanks again for checking, and please don't hesitate to get in touch if you've any further concerns.

Regards,

Urban Games
#7
Zapp 3 апр в 16:18 
The solution: uninstall Malwarebytes
#8
RadiKyle 4 апр в 6:41 
Автор сообщения: Zapp
The solution: uninstall Malwarebytes

That was my solution as well. Manyyyy yrs ago MWB / MBAM served a purpose (malware removal tool), but eventually that faded as it became such a disruptive bloatware that I abandoned it.
#9
numbat 4 апр в 13:27 
@zapp @radikyle

what do you use instead? Malware is still a very real threat and to be honest, I've never really had a problem with MWB. I know some of the others affect performance badly, but IMHO, MWB is the best of the bunch.

Cheers,
Chris.
#10
RadiKyle 4 апр в 14:52 
I just use Windows Defender.

Wayyyy back when the AV products had little/no malware coverage I carried two layers: McAfee + MWB. I picked up the latter as a removal tool to get rid of something a couple of times. This is probably like 15+ yrs ago tho.

McAfee was the first to go due to performance, bloatware, and deceptive pricing. I surveyed the options and was surprised to see how far Defender had come and it was solidly recommended, so I switched to that but kept MWB layer as well. That was probably ~10 yrs ago.

Then I recall MWB becoming a nuisance as well. Since packages like Defender had long since evolved to full-spectrum coverage (incl malware and others), there was really no need to keep MWB. So I tossed it probably 5+ yrs ago. If I ever need a removal tool I can always get it again (or whichever product is best), but really saw no need to keep it running as a subscription.
#11
numbat 4 апр в 22:39 
@radikyle, thanks for the response. I shall have to do some more research.

Am just about to get a new computer and so that will be a good time to do a full review of all those utils I run.

Cheers,
Chris.
#12
< >
Сообщения 112 из 12
Показывать на странице: 1530 50

Transport Fever 2 > Общие обсуждения > Подробности темы
Дата создания: 1 апр в 16:08
Сообщений: 12

Правила обсуждений