Ursprungligen skrivet av Aera:

Had the same issue and it does not come from mods itself but from the MelonLoader and seems to be a false positive when checking a VirusTotal. The file it flagged for you comes from installing the MelonLoader.

Can you share the virustotal link please?

Kaspersky bro oh my god

Ursprungligen skrivet av Aera:

Had the same issue and it does not come from mods itself but from the MelonLoader and seems to be a false positive when checking a VirusTotal. The file it flagged for you comes from installing the MelonLoader.

I just checked and your are right, thanks for your comment, I will run a deep system scan and do a cleanup just in case

Ursprungligen skrivet av Havok:

Ursprungligen skrivet av Aera:

Had the same issue and it does not come from mods itself but from the MelonLoader and seems to be a false positive when checking a VirusTotal. The file it flagged for you comes from installing the MelonLoader.

Can you share the virustotal link please?

{LÄNK BORTTAGEN}https://www.virustotal.com/gui/file/c1192fa07e19a7a6d831c30cc50dfd58907638c6ab04efd4c627dd1739b79ddc

Ursprungligen skrivet av Nik:

Kaspersky bro oh my god

so which antivirus is the best in your opinion

Ursprungligen skrivet av Aera:

Ursprungligen skrivet av Havok:

Can you share the virustotal link please?

https://www.virustotal.com/gui/file/c1192fa07e19a7a6d831c30cc50dfd58907638c6ab04efd4c627dd1739b79ddc

link got removed, but I got it, thanks. And this isn't the file in question, the dll is version.dll

If someone could upload that, that would be fantastic. thanks

Ursprungligen skrivet av Havok:

Ursprungligen skrivet av Aera:

{LÄNK BORTTAGEN}https://www.virustotal.com/gui/file/c1192fa07e19a7a6d831c30cc50dfd58907638c6ab04efd4c627dd1739b79ddc

link got removed, but I got it, thanks. And this isn't the file in question, the dll is version.dll

if you upload the file it literally shows this it's the same thing

Ursprungligen skrivet av OPX Sanji:

Ursprungligen skrivet av Rudra_Jr:

My Antivirus software Kaspersky detected a virus in Schedule 1 files

File - version.dll - HEUR:Trojan.Win64.DllHijack.gen
Location - C:\Program Files (86)\Steam\steamapps\common\Schedule I\

NO YOU DIDN'T, this file is non-existent, it had to have come from or was generated by a mod, get a life and stop posting BS you clearly know nothing about and stop modding games until you know how to safely do so lol.

Nobody asked for your opinion, I paid for this game I can do whatever I want with it. If you can't be helpful try not being annoying. Get a life and learn to mind your own business

none, no one antivirus can protect you from emerging threats, they can look for file signatures and known threats but are unless for emerging threats or zero day exploits

Ursprungligen skrivet av ★ ace ★:

none, no one antivirus can protect you from emerging threats, they can look for file signatures and known threats but are unless for emerging threats or zero day exploits

best AV is not downloading things you are unsure of and researching those that you want to be sure of.

Ursprungligen skrivet av Aera:

Ursprungligen skrivet av Havok:

link got removed, but I got it, thanks. And this isn't the file in question, the dll is version.dll

if you upload the file it literally shows this it's the same thing

Oh, weird. Aight. Well, looks like VT says its clean, so this is a kaspersky FP then. Kaspersky is probably getting the heuristics for this rule

Even Kaspersky's sandbox doesn't detect it lmao. so... no idea whats going on here.

Matches rule Potential System DLL Sideloading From Non System Locations by Nasreddine Bencherchali (Nextron Systems) at Sigma Integrated Rule Set (GitHub)
Detects DLL sideloading of DLLs usually located in system locations (System32, SysWOW64, etc.).

Ursprungligen skrivet av Shaken_Widow:

Ursprungligen skrivet av ★ ace ★:

none, no one antivirus can protect you from emerging threats, they can look for file signatures and known threats but are unless for emerging threats or zero day exploits

best AV is not downloading things you are unsure of and researching those that you want to be sure of.

pretty much, if you didn't write the code, don't trust it

why it says hijack, probably a DLL injection

Ursprungligen skrivet av Havok:

Ursprungligen skrivet av Aera:

if you upload the file it literally shows this it's the same thing

Oh, weird. Aight. Well, looks like VT says its clean, so this is a kaspersky FP then. Kaspersky is probably getting the heuristics for this rule

Even Kaspersky's sandbox doesn't detect it lmao. so... no idea whats going on here.

Matches rule Potential System DLL Sideloading From Non System Locations by Nasreddine Bencherchali (Nextron Systems) at Sigma Integrated Rule Set (GitHub)
Detects DLL sideloading of DLLs usually located in system locations (System32, SysWOW64, etc.).

Other people using Melonloader have reported the same, It does looks like a false positive, thanks for your help

Those mod ofent dont even have virus, they are false positive