MAD_DAD

cod4x18_dedrun.exe as Malware

Recommended Posts

Just for Info:

Malwarebytes now picking up cod4x18_dedrun.exe as Malware. Not had a problem before so I have added it into allow list as with this being Heuristic scan I can put it down to a false positive.

Malwarebytes.png

Share this post


Link to post
Share on other sites

Has something been added that we should be aware of, if not where are these false positives coming from then?

Share this post


Link to post
Share on other sites
1 hour ago, Kreator said:

Has something been added that we should be aware of, if not where are these false positives coming from then?

It happens when the antivirus / antimalware update their heuristic engine.

Thats what happened to Malwarebytes but they have now updated theirs so it doesn't pick the file up as malware

 

Share this post


Link to post
Share on other sites

Hi

Just to add my experience, all my servers had their cod4x18_dedrun.exe files moved to the quarantine area by windows defender after the definition update at 5 am this morning. As Mad_Dad said this is an update made by the scanner providers and nothing has changed within the cod4x .exe. A pain but can be resolved by restoring the files from quarantine and adding them to the exclusion list. Just a heads up, if you have a number of servers you have about 15 seconds after restoring to add the files to the exclusion list before defender puts them back in quarantine. 

Cheers All. 

Share this post


Link to post
Share on other sites

Interesting stuff this malware scanners. I have just added very few lines of code, not removed anything, in version 19.4 but the scanners detecting now something different and some don't detect it at all now.  xD

Even more interesting is that it becomes obvious that some scanners are just the same software in a different package with a different name. BitDefender, Ad-Aware, ...

Knipsel_19_4.thumb.PNG.77cfcbba6f0f737a9543314d14616b15.PNGKnipsel_19_3.thumb.PNG.7e86bb0f484237e4fc1de1fee14bb94b.PNG

Share this post


Link to post
Share on other sites
5 hours ago, Fraggy said:

Interesting stuff this malware scanners. I have just added very few lines of code, not removed anything, in version 19.4 but the scanners detecting now something different and some don't detect it at all now.  xD

Even more interesting is that it becomes obvious that some scanners are just the same software in a different package with a different name. BitDefender, Ad-Aware, ...

Knipsel_19_4.thumb.PNG.77cfcbba6f0f737a9543314d14616b15.PNGKnipsel_19_3.thumb.PNG.7e86bb0f484237e4fc1de1fee14bb94b.PNG

19.4 Build on your home PC Windows 8.1

Снимок.JPG

Share this post


Link to post
Share on other sites

Both build on exactly the same PC with Windows 10 and the same toolchain.

Share this post


Link to post
Share on other sites

Is this something that you guys are working on fixing? Pingperfect won't use CoD4X until it doesn't alert their anti-malware :(

Share this post


Link to post
Share on other sites

I'm using NFO Windows Server 2019, no malware programs except Windows stock antivirus.

I know that it's a false positive , Windows Server quarantined all my server from the latest CoD4x "cod4x18_dedrun.exe"

For me to solve this issue, I had to rollback to cod4x build 1071, December 17 2020. The servers are 100% now.

Share this post


Link to post
Share on other sites

I am not working on it. As long as it is only the server that gets flagged I don’t care about that.

I am not attempting workarounds for bugs created by others.

Share this post


Link to post
Share on other sites

For me, chrome is even blocking the download of windows server files 🤣 Wanted to get the windows version for local testing but yeah its flagged.

Share this post


Link to post
Share on other sites
Posted (edited)
On 3/18/2021 at 7:06 PM, Fraggy said:

I am not working on it. As long as it is only the server that gets flagged I don’t care about that.

I am not attempting workarounds for bugs created by others.

It's NOT the server that gets flagged, it's the latest release of "cod4x18_dedrun.exe" that's the high security risk trojan.

But no worries, the previous release 1071 works 100%

 

[bugs created by others.]??

that release was created by someone else?

Edited by Capt.Dan

Share this post


Link to post
Share on other sites

Hi Capt.Dan, 

I think the bug created by others is the fact that these antivirus / antimalware are picking this file up as a false positive.

Malwarebytes picked it up as a trojan so I sent the file to them so they could check it out and they agreed that it is a false positive.

They have updated their scan engine and now it is not flagged up anymore.

Whatever antivirus / antimalware system you use you could add the file to the exclusion list and carry on using the most recent version.

  • Thanks 1

Share this post


Link to post
Share on other sites
Posted (edited)

Hi Capt.Dan, 

I think the bug created by others is the fact that these antivirus / antimalware are picking this file up as a false positive.

Malwarebytes picked it up as a trojan so I sent the file to them so they could check it out and they agreed that it is a false positive.

They have updated their scan engine and now it is not flagged up anymore.

Whatever antivirus / antimalware system you use you could add the file to the exclusion list and carry on using the most recent version.

 

It Posted double for some reason

Edited by MAD_DAD
It Posted double for some reason
  • Like 1

Share this post


Link to post
Share on other sites
Posted (edited)
6 hours ago, Capt.Dan said:

It's NOT the server that gets flagged, it's the latest release of "cod4x18_dedrun.exe" that's the high security risk trojan.

But no worries, the previous release 1071 works 100%

 

[bugs created by others.]??

that release was created by someone else?

No Dan what Fraggy means is that its wrong coded in the  antimalware program not the cod4x. 

Its if y nabors car dosnt have any brakes... Its not u that have to fix it its u nabors problem  :D

Edited by Cyruz
  • Haha 2

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.