What's new
By:
Filters
AA Classic

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

  • Dear users, Forums are now a deprecated method of communication for AAClassic and are kept for historical purposes. Please join our Discord! https://discord.gg/aaclassic

Trojan in Daruguard.dll

A

Ayesleighyew

Basic member

Trojan:Win32/Wacatac.B!ml​

Hey this is a major concern to me, Microsoft did an auto scan and says that there's a Trojan in this file. WTH should I do?
 
Last edited:
Blondie

Blondie

Unique member
My Anti-Virus didn't like it either. But I've read that it's just a false positive. Something to do with the way it was packed. It should be safe to ignore the warning.
 
K

kesh

New member
I was actually about to try this private server, but then I scanned the executable and it came back 10/71. so yeah, even if it's a false positive, I don't want to disable my antivirus or go through persistent hoops to allow the possibly malicious file.
 
Blondie

Blondie

Unique member
kesh said:
I was actually about to try this private server, but then I scanned the executable and it came back 10/71. so yeah, even if it's a false positive, I don't want to disable my antivirus or go through persistent hoops to allow the possibly malicious file.
Click to expand...
That's fair enough Kesh, the security of your PC is more important than a game. But I really believe that it's ok. I can't see the admins going to this much trouble and expense to release an infected game that nobody will play. Anyway. this is what Aguru said about it on Discord:

Our anticheat uses virtualization and other methods to hide its code from reverse engineering. Viruses use similar techniques to hide their code. Antiviruses will flag virtualization as potential malware.
Click to expand...

It's up to you of course. But if you do decide to trust the team, then all you need to do is make an exception for it in your Anti-Virus and you shouldn't have any more issues.
 
Aguru

Aguru

Administrator & Daru enjoyer
Staff member
Greetings,
DaruGuard, as an anticheat, uses heavy virtualization/other methods to hide its code. The reason we do this is because a cheater would otherwise be able to open it up, see exactly what it does, counter it and call it a day.
Having this level of protection however will make antiviruses mad as they cannot tell what the program is/does. They will thus report generic Trojan reports (better safe than sorry).


We recommend adding it to your exclusion list. Like our launcher previously, this issue arises because the program is not well known yet, and it should solve itself once AV vendors flag it as safe :)
 
You must log in or register to reply here.
Back
Top