Hi my AV gave alert on the new ffxiv bot so I checked online : https://www.virustotal.com/fr/file/6112 ... 412031997/
8 positives
Should we be worried ? And when unzipping the file, it tried to change my UAC too.
AV Alert
Moderator: ScreamingEagle
Re: AV Alert
No virii/trojans in viper. It is because of the way that the bot interacts with games, always makes it seem suspicious. Normally programs do not go around reading and interacting with other running programs.
Re: AV Alert
Hm ok, Did you use Themida ? It would explain the alert/false positive.
Thanks for the reply.
Thanks for the reply.
Re: AV Alert
I still can't use it my AV keeps deleting it
Why is FF14ViperBot.exe trying to mess up with this registry keys in the first place ?
20141002 130856 Le fichier "D:\Users\&&&\Downloads\FF14ViperRelease2.0.9.9b\FF14ViperBot.exe" appartient au virus/spyware 'Mal/FakeAV-OP'.
20141002 130856 Le contrôle sur accès a refusé l'accès à l'emplacement "D:\Users\&&&\Downloads\FF14ViperRelease2.0.9.9b\FF14ViperBot.exe" pour l'utilisateur AUTORITE NT\Système
20141002 130856 Le fichier "D:\Users\&&&\Downloads\FF14ViperRelease2.0.9.9b\FF14ViperBot.exe" appartient au virus/spyware 'Mal/FakeAV-OP'.
20141002 130903 Le fichier "D:\Users\&&&\Downloads\FF14ViperRelease2.0.9.9b\FF14ViperBot.exe" appartient au virus/spyware 'Mal/FakeAV-OP'.
20141002 130903 La valeur de registre "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA" appartient au virus/spyware 'Mal/FakeAV-OP'.
20141002 130903 La valeur de registre "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" appartient au virus/spyware 'Mal/FakeAV-OP'.
20141002 130904 Le fichier "D:\Users\&&&\Downloads\FF14ViperRelease2.0.9.9b\FF14ViperBot.exe" a été nettoyé(e).
20141002 130904 La valeur de registre "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA" a été nettoyé(e).
20141002 130904 La valeur de registre "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" a été nettoyé(e).
20141002 130904 Le virus/spyware 'Mal/FakeAV-OP' a été supprimé.
Why is FF14ViperBot.exe trying to mess up with this registry keys in the first place ?
Re: AV Alert
It tries to find out if it needs to prompt for a UAC/Consent privileges consent to launch.
As I said above, you have to add an exception for Viper to run.
I'm not going to go through what viper does internally. As this might open it up for detection by games.
It does not have any virii/trojans in it. Been in business for 10 years. Take it or leave it.
As I said above, you have to add an exception for Viper to run.
I'm not going to go through what viper does internally. As this might open it up for detection by games.
It does not have any virii/trojans in it. Been in business for 10 years. Take it or leave it.