Ubisoft Connect Game Launcher - Riders Republic detected, can't play.

[Gunzta 0]

Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
07/10/2023 09:16:53;Real-time file system protection;file;G:\Ubisoft\RidersRepublic\uplay_download\5487\RidersRepublic.exe;a variant of Win64/GenKryptik_AGen.KR trojan;cleaned by deleting;3900X-ADZ\xxxxx;Event occurred on a file modified by the application: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe (2075EB977C83F9E2A499BC3B7324E39F96B8DE95).;FE5B8E0C281975124C4CD94A48144A791C274240;07/10/2023 09:16:42

 

Any advice please? 
 

[itman 1,667]

Presently two detection's at VT on this one; Eset and Rising: https://www.virustotal.com/gui/file/6a948d7ee8796b35543075dec549956d84e3d7026c48657335f9d2fc6712a2c2/detection .

Eset might be triggering on the presence of VMProtect.

[Gunzta 0]

7 hours ago, itman said:

Presently two detection's at VT on this one; Eset and Rising: https://www.virustotal.com/gui/file/6a948d7ee8796b35543075dec549956d84e3d7026c48657335f9d2fc6712a2c2/detection .

Eset might be triggering on the presence of VMProtect.

Thank you for the information. As a normal user that doesn't speak fluent Malware, could you possibly hold my hand a little more and walk me through your reply in language that I might understand? Probably a more pressing issue than understanding what you said, is knowing when ESET will let me play my game again? 

[itman 1,667]

1 hour ago, Gunzta said:

could you possibly hold my hand a little more and walk me through your reply in language that I might understand?

With the low detection rate at VirusTotal, it could be an Eset false positive detection.

You should submit RidersRepublic.exe to Eset for review as such. You do this by accessing the file in Eset GUI Quarantine section. Mouse right click on the file and select, Submit sample for analysis. Change the Reason for submitting the sample field to "False positive file."

Edited October 7, 2023 by itman

[itman 1,667]

I  will also note that Eset detected a malware status of RidersRepublic.exe when the following occurred per your posted Eset Detection log entry;

"Event occurred on a file modified by the application: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe."

So this upc.exe file should also be submitted to Eset for analysis via Submit sample for analysis option in the Eset GUI Tools section.

You can also submit this upc.exe file to VirusTotal.com and see if detection's for it exist there.

Edited October 7, 2023 by itman

[cyberhash 188]

I have upc.exe in the same folder and it does not show as being detected.

https://www.virustotal.com/gui/file/d9f8ba7344c7b65587aa8e0f5cc15f37cde969ff4f3b4b4846f0ee11d2270a6f/detection/f-d9f8ba7344c7b65587aa8e0f5cc15f37cde969ff4f3b4b4846f0ee11d2270a6f-1696570946

[Gunzta 0]

Thank you itman, I really appreciate you taking the time to explain and educate me. I have followed your instructions. Although I note that upc.exe is no longer causing an issue and is scanning without problems. (as per cyberhash's post) Its just the RidersRepublic.exe that is getting falsley identified so I have submitted it. 

cyberhash: thank you for your additional info, very helpful. 

[itman 1,667]

13 hours ago, cyberhash said:

I have upc.exe in the same folder and it does not show as being detected

Are you receiving any Eset detection on RidersRepublic.exe?

[itman 1,667]

I have a suspicion why Eset might be throwing a detection on this game.

A couple of comments from Reddit;

Quote

I just finished downloading riders republic on epic games launcher, it was a 22gb download and when i clicked launch it took me to Ubisoft connect where it proceeded to start another 24 gb download. When I searched online it says that the game is only 22gb in size so can anyone explain what is going on or is this some kind of issue with the game?!
I had this game installed before but deleted it. The first time I downloaded it this did not happen so i am very confused.

Quote

Ubisoft connect is like malware. Had the same thing happen. I selected to install it to my external disk drive then finished downloading and installing then Ubisoft connect decided it needs to go on my SSD then reinstalled the whole thing. Fuck Ubisoft connect. It’s somehow worse than EA origin

https://www.reddit.com/r/gaming/comments/11ef1ga/i_just_downloaded_riders_republic_and_its_making/

Edited October 8, 2023 by itman

[Puririkaaal 0]

I had an absolutely identical situation, so now I use only Steam

 

 

[Puririkaaal 0]

and now I'm playing WoW by the way, I feel like a super newbie because I haven't played the game in 10 years, I'm thinking of ordering a boost from https://boosthive.eu/service/mythic-dungeons ,  , what do you think?

Edited January 3 by Marcos
Url unhidden

[Nightowl 205]

On 12/31/2023 at 7:23 PM, Puririkaaal said:

and now I'm playing WoW by the way, I feel like a super newbie because I haven't played the game in 10 years, I'm thinking of ordering a boost from https://boosthive[.]eu/service/mythic-dungeons, what do you think?

I didn't go to the link , but it is a WoW boost? and stuff like gold or equipment

I don't recommend doing that , because it's not affiliated with Blizzard or someone official to the game and it can be a scam or you will pay for something and get something else or get nothing. and probably it have to do some in-game trading to be able to get the stuff.

Better not bro , I don't recommend it.