Project 1999

Go Back   Project 1999 > General Community > Technical Discussion

Closed Thread
 
Thread Tools Display Modes
  #1  
Old 09-06-2014, 10:22 AM
Lyra Lyra is offline
Fire Giant


Join Date: Jan 2013
Posts: 899
Default

I think people need to understand the reason THIS file is triggering the security warning.

If you have websites blocked at work, it is likely a list of websites your employer purchased to meet their internet viewing policies. (It's likely a service the company purchased and this list is a part of it) The people making the list, add websites to it all the time, as they created, or as they are discovered as fitting the criteria of the category they are blocking.

This is the same type of thing. One of the many players here likely submitted the file to McAfee for evaluation. This may have been malicious, it may have not. McAfee looked at the file and determined "We don't know what this is. It could be dangerous". Not because they KNOW it's dangerous, but because they don't know what it is and therefore can't guarantee it's safety. They added it to it's list of things to flag as "Generic11". You see they didn't give it it's own name. They added it to a list of generic stuff, all of which fits this same category of "we don't know, but just in case here is a warning" warnings. The file is now on a "list" and they buy each others lists.

Misflagging happens ALL THE TIME. Google Generic11 to read. Here is one example:

https://forums.adobe.com/thread/391984?tstart=0

http://securityandthe.net/2008/11/10...-windows-file/
Quote:
AVG virus scanner removes critical Windows file
I'm sure they fixed their scan to not flag a windows file. Project 1999 is not going to be that lucky.

You could play "safe" and not join the fun or you can trust the guy providing free Classic Everquest gaming to thousands of people for the last five years without incident.
  #2  
Old 09-06-2014, 07:06 PM
Derubael Derubael is offline
Retired GM


Join Date: Aug 2013
Location: Cabilis East, in the northwest corner of the zone-in from Field of Bone
Posts: 5,009
Default

Lyra - I copied your post into it's own brand new thread b/c I thought you did a good job of explaining this. I'd like to add this as well:

Quote:
Originally Posted by KOOLLAYD [You must be logged in to view images. Log in or Register.]
I just wanna know if it alters anything on your computer or changes anything to install anything in the background or if it just runs and pings simply because of how it was coded or what. It's reason or purpose doesn't doesn't bother me. If I seriously thought something wasn't on the level I'd have not even bothered to ask. I'd kept it moving. Since I am new I can't judge based on the last 5 years since I wasn't here. That's why I am asking you guys.
dsetup.dll doesn't modify any of your files, doesn't let us read your files, doesn't destroy your registry. It doesn't give us any kind of hands on access to your computer. It's there to detect cheats like Macroquest and ShowEQ so that we can have a truly hack free server. As a poster explained above, it is likely that someone submitted it to a (crappy, lazy) virus database and they filed it in the "well it does something but we can't be arsed to figure out what" section of their DB. So now it's going to flag on certain virus scanners.

I'm told a number of high end scanners like Kaspersky's (read: Mcaffee, Norton, are horrible at virus protection. Biggest scam in the industry IMO. AVG is good but since a lot of their business is free I'm betting they don't have the staff to check for false-positives like this and remove them).

For the longest time this file didn't get picked up on any scanner (~4ish years) and no one has ever reported it doing anything malicious to their computer. This leads me to believe the "someone submitted it" theory, possibly to try to thwart Project 1999 (Disclaimer: I'm pulling this out of my ass, but it makes sense). The DLL literally has not been touched in forever, so it's not like we added something in that would make it start getting flagged as malicious.

Quote:
Originally Posted by myriverse [You must be logged in to view images. Log in or Register.]
Much easier to get a better antivirus program. The better ones do not mistake it for a virus.
^ Kaspersky's if you're a savvy computer user, Webroot if you're not. If you really don't want to pay, AVG - but you'll have to add an exception for this file (as you stated in your OP). Spybot/adaware/malwarebytes as well, if you're not careful about the websites you visit (your computer is likely bogged with malware/adware/spyware, even if you dont know it; people in the IT field deal with this on a daily basis), you'll need these programs.

In order to circumvent the DLL flagging, simply disable your anti-virus software and re-enable it after launching EQ. This shouldn't be required with better scanners.
Last edited by Derubael; 09-18-2014 at 07:10 PM..
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 05:13 PM.


Everquest is a registered trademark of Daybreak Game Company LLC.
Project 1999 is not associated or affiliated in any way with Daybreak Game Company LLC.
Powered by vBulletin®
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.