severe threat


daxchunjae1912
09-10-2019, 11:25 AM
Anyone else running windows protection on Windows 10 x64 getting a threat found?

For mine it says Threat detected: Trojan; Win32/Tiggre!plock
Alert: Severe
Date: 9/10/2019
Category: Trojan

Affected Items:

File: C:\Program Files (x86)\Sony\Everquest\dsetup.dll

I didn't have any threats before unzipping the patch and I know dsetup.dll was one of the DLLs that were included in the new zip. Anyone have any ideas what this Tiggre!plock is? Thx in advance.

Baszil44
09-10-2019, 11:40 AM
Yes, I am getting a virus detection message when attempting to download the patch.

blooder4
09-10-2019, 11:47 AM
Running windows 10 pro, cannot execute the game today:

"The code execution cannot proceed because DSETUP.dll was not found. Reinstalling the program may fix this problem."

When I try to download the patch, chrome/windows fails with:

"Failed - Virus detected"

Alerion
09-10-2019, 11:53 AM
Same with me exactly... Guess we wait for a fix

Rogean
09-10-2019, 11:54 AM
We're getting screwed pretty hard because a lot of actual virus makers use the same obfuscation program that we use, so as a result the AV companies have basically blacklisted it.

I'm looking into a solution.

Primordial Ooze
09-10-2019, 11:57 AM
There are several threads in the tech support forum (https://www.project1999.com/forums/forumdisplay.php?f=40) on this subject. Vokrin suggested a way to go into your windows defender quarantine history and re-allow the file here (https://www.project1999.com/forums/showthread.php?t=333502).

Novemix
09-10-2019, 11:58 AM
In order to run the game again, I restored the quarantined file in Windows Defender and added it to allowed threats. It's probably not an ideal solution, because it will probably allow the actual trojan, but hey, yolo.

Jibartik
09-10-2019, 12:08 PM
I'm looking into your bank account.

https://i.imgur.com/R3WtLBn.png

IM JK PLZ NO BAN I JUST JOKE HEHE

I TRUST YOU IF YOU WANT TO LOOK AT MY BANK ACCOUNT ID LET YOU ANYWAY

Chortles Snort|eS
09-10-2019, 12:11 PM
https://i.imgur.com/cCbUyo3g.jpg

elwing
09-10-2019, 01:00 PM
I think Rogean might be harvesting our credit card numbers and mining bitcoins with our vastly overkill GPUs for EQ... But I don't care, he deserves it...

Jimjam
09-10-2019, 01:01 PM
It's just Windows being upset that p1999 uses a trojan in order to acquire the payments for the monthly fee.

Don't worry; the fee is settled as loans taken out in your name; you won't see anything come out of your bank account.

I am of course kidding (as far as I am aware).

fadetree
09-10-2019, 01:16 PM
This is an old issue...just tell your AV that this is an exception.

fizzlefest
09-10-2019, 01:21 PM
This is an old issue...just tell your AV that this is an exception.

Never had this issue until this patch.

Budder
09-10-2019, 01:25 PM
Had the DLL error thing yesterday before I realized the patch was 49 and the day before it was 48. Installed it and now everything is fine except I’m missing several hundred dollars out of my bank account. (I kid I kid-lol at the paranoid people)

Hotpockets
09-10-2019, 01:26 PM
Ok so yesterday after downloading the patch and playing just fine, I started p99 up this morning and got that server threat thing from Windows Security. It says it quarantined it.

So all you gotta do is go into Windows Security, click on virus and threat protection, then click on threat history and see that it is quarantined, and remove it from quarantine, and it plays fine, no problems.

fizzlefest
09-10-2019, 01:32 PM
Had the DLL error thing yesterday before I realized the patch was 49 and the day before it was 48. Installed it and now everything is fine except I’m missing several hundred dollars out of my bank account. (I kid I kid-lol at the paranoid people)

How do we know that it isn't an actual virus? Not saying it's intentional, but still.

Jimjam
09-10-2019, 01:37 PM
What's the over/under on someone from a competing elf simulator submitted the file to windows and flagged it as a threat to turn people off p99?

Vidar
09-10-2019, 01:46 PM
i also got it

Rogean
09-10-2019, 01:59 PM
What's the over/under on someone from a competing elf simulator submitted the file to windows and flagged it as a threat to turn people off p99?

Wouldn't surprise me.

Rogean
09-10-2019, 02:00 PM
So I've been able to get the false positives down quite a bit. I'm making some additional changes and we'll have a new distribution out later today.

fizzlefest
09-10-2019, 02:01 PM
So I've been able to get the false positives down quite a bit. I'm making some additional changes and we'll have a new distribution out later today.

Woot!

Dolalin
09-10-2019, 02:08 PM
I have to say, the customer support here is miles ahead of anything I ever got from Verant, and I don't pay a thing. Maybe I should :)

Rogean
09-10-2019, 02:12 PM
I have to say, the customer support here is miles ahead of anything I ever got from Verant, and I don't pay a thing. Maybe I should :)

Green servers ain't cheap ;D

daxchunjae1912
09-10-2019, 02:40 PM
@Rogean, I'd like to be a dev for Green server, can I apply?

Jimjam
09-10-2019, 02:41 PM
Green servers ain't cheap ;D

http://i.imgur.com/jo0dSFh.png

Lobster1071
09-10-2019, 03:08 PM
Never had this issue until this patch.

Hmm, same here. I was playing just fine yesterday. Now today, I get an eqgame.exe - Application Error. My AV catches it as a virus. Strange this is happening now.
Added eqgame.exe as an exception and had to restore the .DLL file that it quarantined, and it works fine, but like I said, weird it's happening now, all of a sudden.

Izmael
09-10-2019, 03:42 PM
The solution is to whitelist P99's files with your antivirus program. It can also be called "add an exception".

Of course, this will require you to blindly trust Rogean and friends to not infect, knowingly or unknowingly, you with a real virus.

Novemix
09-10-2019, 04:12 PM
Anyone notice he said servers?

Hmm...

BongBurglar
09-10-2019, 04:16 PM
Thanks a ton for the speedy fix.

Thomacles
09-10-2019, 05:17 PM
I think what happened, is the removal of the pet window resulted in the AVs thinking it is a virus removing things unnecessarily.

Only solution may very well be to add the pet window back.......

Berkigstall
09-10-2019, 05:20 PM
I have done the exclusions but getting can't find "eqgame" when I try to run Launch Titanium from the directory after reinstalling the v49 patch. Any idea?

fadetree
09-10-2019, 06:13 PM
Never had this issue until this patch.

Odd, I've had it happen a number of times in the past.

Thomacles
09-10-2019, 06:13 PM
I have done the exclusions but getting can't find "eqgame" when I try to run Launch Titanium from the directory after reinstalling the v49 patch. Any idea?

A guildie JUST had the exact same issue.

He reinstalled the v49, removed ALL exclusions, restarted comp, went back and added all exclusions, and it fired off no problem.

Not saying that will work for you, but it did work for him.

Budder
09-10-2019, 07:27 PM
Sorry I’m dumb, what are the exclusions you all are referring to? Something to do with the virus protection? What’s the dll errors and eqgame error fixes? I’m not having them atm but with my luck I will ha.
Thanks!

Pringles
09-10-2019, 07:37 PM
So I've been able to get the false positives down quite a bit. I'm making some additional changes and we'll have a new distribution out later today.

Please, will you not think of the hacker scum who will have to reverse everything again?

https://i.imgur.com/OY7hdD1.png

Izmael
09-11-2019, 03:48 AM
Exclusions are instructions to your anti-virus software to ignore a particular file or set of files while performing their threat analysis. Refer to your anti-virus software documentation to learn how to set up exclusions (can also be called "whitelisting").
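
Added example, not part of any post in this thread and not the project's own tooling: one way to narrow the "blind trust" raised above is to compare the restored dsetup.dll against a hash the project publishes before excluding that single file. The `$ExpectedSha256` value is a placeholder and assumes such a hash is available over a channel separate from the download; the path is the one from the first post.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the thread. $ExpectedSha256 is a placeholder: it assumes the
# project publishes a SHA-256 for dsetup.dll over a channel separate from the download.
param(
    [string]$FilePath = 'C:\Program Files (x86)\Sony\Everquest\dsetup.dll',
    [string]$ExpectedSha256 = '<SHA256-PUBLISHED-BY-PROJECT>'
)

# 1. What did Defender flag for this path, and under which threat name?
Get-MpThreatDetection |
    Where-Object { $_.Resources -like "*$FilePath*" } |
    ForEach-Object {
        $threat = Get-MpThreat -ThreatID $_.ThreatID
        [pscustomobject]@{
            Detected   = $_.InitialDetectionTime
            ThreatName = $threat.ThreatName
            Resources  = $_.Resources -join '; '
        }
    } | Format-List

# 2. The file must be back on disk (restored from quarantine) before it can be hashed.
if (-not (Test-Path -LiteralPath $FilePath)) {
    Write-Warning "File not present (still quarantined?): $FilePath"
    return
}

# 3. Compare the restored file with the published hash; report its signature status.
$actual = (Get-FileHash -LiteralPath $FilePath -Algorithm SHA256).Hash
$sig    = Get-AuthenticodeSignature -LiteralPath $FilePath
Write-Host "SHA256:    $actual"
Write-Host "Signature: $($sig.Status)"

if ($actual -ne $ExpectedSha256) {   # -ne is case-insensitive for strings
    Write-Warning 'Hash does not match the published value; no exclusion added.'
    return
}

# 4. Exclude this one file only, not the game folder and not the threat name,
#    so other files detected as Tiggre!plock are still blocked.
Add-MpPreference -ExclusionPath $FilePath
(Get-MpPreference).ExclusionPath
```

With the placeholder left in place the hash comparison fails, so the script reports the detection and the file's hash without changing any Defender setting.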

Jimjam
09-11-2019, 04:37 AM
Check that your antivirus hasn't moved the relevant exe or dll files into quarantine. Ensure your shortcuts have the 'starts in' line set to your p1999 directory.

Cranky666
10-04-2019, 12:46 PM
As you've seen by the many replies, the issue seems to be with the latest dsetup.dll file we downloaded from the latest patches. Devs are aware and all we need to do is except the file from Windows Defender. There is more discussion on this topic on Reddit here: https://www.reddit.com/r/project1999/comments/dd96y5/trojan_virus_hiding_in_startup_file/ . I had the same issue you did... kinda scary when you see the alert but this "threat" seems contained! Enjoy EQ and play with confidence :) Cheers!