Gunzta 0 Posted October 7 Share Posted October 7 Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here 07/10/2023 09:16:53;Real-time file system protection;file;G:\Ubisoft\RidersRepublic\uplay_download\5487\RidersRepublic.exe;a variant of Win64/GenKryptik_AGen.KR trojan;cleaned by deleting;3900X-ADZ\xxxxx;Event occurred on a file modified by the application: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe (2075EB977C83F9E2A499BC3B7324E39F96B8DE95).;FE5B8E0C281975124C4CD94A48144A791C274240;07/10/2023 09:16:42 Any advice please? Quote Link to comment Share on other sites More sharing options...
itman 1,630 Posted October 7 Share Posted October 7 Presently two detection's at VT on this one; Eset and Rising: https://www.virustotal.com/gui/file/6a948d7ee8796b35543075dec549956d84e3d7026c48657335f9d2fc6712a2c2/detection . Eset might be triggering on the presence of VMProtect. Quote Link to comment Share on other sites More sharing options...
Gunzta 0 Posted October 7 Author Share Posted October 7 7 hours ago, itman said: Presently two detection's at VT on this one; Eset and Rising: https://www.virustotal.com/gui/file/6a948d7ee8796b35543075dec549956d84e3d7026c48657335f9d2fc6712a2c2/detection . Eset might be triggering on the presence of VMProtect. Thank you for the information. As a normal user that doesn't speak fluent Malware, could you possibly hold my hand a little more and walk me through your reply in language that I might understand? Probably a more pressing issue than understanding what you said, is knowing when ESET will let me play my game again? Quote Link to comment Share on other sites More sharing options...
itman 1,630 Posted October 7 Share Posted October 7 (edited) 1 hour ago, Gunzta said: could you possibly hold my hand a little more and walk me through your reply in language that I might understand? With the low detection rate at VirusTotal, it could be an Eset false positive detection. You should submit RidersRepublic.exe to Eset for review as such. You do this by accessing the file in Eset GUI Quarantine section. Mouse right click on the file and select, Submit sample for analysis. Change the Reason for submitting the sample field to "False positive file." Edited October 7 by itman Quote Link to comment Share on other sites More sharing options...
itman 1,630 Posted October 7 Share Posted October 7 (edited) I will also note that Eset detected a malware status of RidersRepublic.exe when the following occurred per your posted Eset Detection log entry; "Event occurred on a file modified by the application: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe." So this upc.exe file should also be submitted to Eset for analysis via Submit sample for analysis option in the Eset GUI Tools section. You can also submit this upc.exe file to VirusTotal.com and see if detection's for it exist there. Edited October 7 by itman Quote Link to comment Share on other sites More sharing options...
Most Valued Members cyberhash 181 Posted October 7 Most Valued Members Share Posted October 7 I have upc.exe in the same folder and it does not show as being detected. https://www.virustotal.com/gui/file/d9f8ba7344c7b65587aa8e0f5cc15f37cde969ff4f3b4b4846f0ee11d2270a6f/detection/f-d9f8ba7344c7b65587aa8e0f5cc15f37cde969ff4f3b4b4846f0ee11d2270a6f-1696570946 Quote Link to comment Share on other sites More sharing options...
Gunzta 0 Posted October 8 Author Share Posted October 8 Thank you itman, I really appreciate you taking the time to explain and educate me. I have followed your instructions. Although I note that upc.exe is no longer causing an issue and is scanning without problems. (as per cyberhash's post) Its just the RidersRepublic.exe that is getting falsley identified so I have submitted it. cyberhash: thank you for your additional info, very helpful. Quote Link to comment Share on other sites More sharing options...
itman 1,630 Posted October 8 Share Posted October 8 13 hours ago, cyberhash said: I have upc.exe in the same folder and it does not show as being detected Are you receiving any Eset detection on RidersRepublic.exe? Quote Link to comment Share on other sites More sharing options...
itman 1,630 Posted October 8 Share Posted October 8 (edited) I have a suspicion why Eset might be throwing a detection on this game. A couple of comments from Reddit; Quote I just finished downloading riders republic on epic games launcher, it was a 22gb download and when i clicked launch it took me to Ubisoft connect where it proceeded to start another 24 gb download. When I searched online it says that the game is only 22gb in size so can anyone explain what is going on or is this some kind of issue with the game?! I had this game installed before but deleted it. The first time I downloaded it this did not happen so i am very confused. Quote Ubisoft connect is like malware. Had the same thing happen. I selected to install it to my external disk drive then finished downloading and installing then Ubisoft connect decided it needs to go on my SSD then reinstalled the whole thing. Fuck Ubisoft connect. It’s somehow worse than EA origin https://www.reddit.com/r/gaming/comments/11ef1ga/i_just_downloaded_riders_republic_and_its_making/ Edited October 8 by itman Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.