Same here. Yesterday nothing. Probably it happens after windows defender update. It is blocked by "protection based on reputation" shield. I guess it is again something with the VMprotect file encryption.

https://vmpsoft.com/

Same here. First time today.

Same here, any news?

AVG Antivirus just started flagging this file,

"Potentially Unwanted Application" is Window's Defender's buzzword for, "we don't recommend installing this." Which is good when the application is some adware browser toolbar. But they also apply this label to things like torrent clients—not to start a debate about piracy, but generally if someone is downloading or installing it, they are doing it deliberately so "unwanted" is an odd choice of label.

"Protection based on reputation" could be the same thing as "Potentially Unwanted Application". But it could also be another heuristic they use: "it's safer if you aren't the first person to try running this program." Under this heuristic, execution is blocked until the program has either been: detected on a certain number of other Windows computers (popularity), or existed for a length of time (and if there was a problem, it would have likely been reported by now).

Generally speaking, there are a wide variety of antivirus detection paradigms. With respect to home antivirus (as opposed to business/enterprise antivirus), these are usually signature detection and entry-level heuristic detection.

Signature detection is looking for files, or pieces of files, that match the "signature" of previously detected malware. However, "signature" detection is a bit like looking at genes. A "high quality" signature would only exist in viruses, and never show up in legitimate software. A "low quality" signature can be detected in both viruses and legitimate software, creating false positives. If you report instances you believe are false positives to your antivirus vendor, they can remove lower quality signatures and look for higher quality ones.

Heuristic detection is doing a test run of a file, and looking for suspicious behaviours. A legitimate example would be if the test run of the program suddenly tries to delete a bunch of files off your drive. With respect to videogames, some digital rights management software does things that antivirus software consider suspicious behaviour. For example, DRM can involve doing a lot of cryptography operations to rotate the encryption on protected files. And, surprise surprise, ransomware also likes to do a lot of cryptography operations to create encrypted files.

This is a long winded explanation, just to ultimately get to the point, you should understand how your antivirus software works, so you can take the information it's giving you and make your own decision. If you want to follow all it's advice blindly, that's certainly a good way to minimize risk, but it also means taking every false positive seriously. But if you disregard everything it's telling you, because you really want to run that game mod, then you run the risk of ignoring legitimate warnings.

Feel free to share or repost, since this is popping up a lot lately. Just general background info, you are encouraged to do your own research.

FYI Windows marks my crypto wallet as the PUA.

Our team obviously check our content before pushing to the public, the problems arise as some AV do not like the protection we use on some files. This leads to false positives, our team are considering how best to mitigate this but that does come at a cost.

Many people will add DCS to the allowed list to prevent AV and real time scans creating a problem, obviously security is a personal choice to make. We would also suggest if you do get a hit on a file to submit it to your provider for checking.

thank you

Just had this warning show up in Windows Defender for first time ever. If the app is a false positive shouldn't ED modify or remove the app or contact Microsoft instead of leaving it to individual users?

My Computer has started to show the very same condition after updating DCS this evening.

file: D:\Steam\steamapps\downloading\223750\Mods\aircraft\M-2000C\bin\M2KC_CPT.dll - PUA:Win32/GameHack 19/06/2024 22:30 (Active)

file: D:\Steam\steamapps\downloading\223750\Mods\aircraft\F-4E\bin\HeatblurJester.dll - PUA:Win32/Packunwan 19/06/2024 22:30 (Active)

that virus Make i get banned from diablo 4... delete it
file: E:\STEAM\steamapps\common\Lords Mobile\Lords Mobile_Data\Plugins\x86_64\fish.dll PUA:Win32/Packunwan
afther update Lord mobile

I have the same isssue, PUA:Win32/Packunwan

Achatock - there's another discussion re F-14 not authorised anymore that mentions this issue. Bignewey advises it's a false positive thrown up by virus detectors, so make of that what you will. You can set the file to an exception / be ignored by anti virus to get around it he advises. I've been having this issue every update since last year, to the point I'm personally leaving it to all play out at this point, all seems kinda gash.

Originally posted by ryansw989:

Achatock - there's another discussion re F-14 not authorised anymore that mentions this issue. Bignewey advises it's a false positive thrown up by virus detectors, so make of that what you will. You can set the file to an exception / be ignored by anti virus to get around it he advises. I've been having this issue every update since last year, to the point I'm personally leaving it to all play out at this point, all seems kinda gash.

Please see this thread

https://steamcommunity.com/app/223750/discussions/0/565867433751027929/

I will close this one as it is a historic one.