Posted July 09, 2012
Well, is it safe to allow the file to run on my PC? Or should I delete/quarantine it?
CBeckett
New User
Registered: Sep 2010
From Other
Antaniserse
Backhand master
Registered: Sep 2008
From Italy
Posted July 09, 2012
The general experience is that it is safe, and a false positive as in similar situation were TAGES was involved... however, if you want an official statement on the issue, GOG as recently updated the support page, and this is what they state:
http://www.gog.com/en/support/the_chronicles_of_riddick_assault_on_dark_athena/dvmdll_errors_darkathenaexe_system_error_file_missing_etc
http://www.gog.com/en/support/the_chronicles_of_riddick_assault_on_dark_athena/dvmdll_errors_darkathenaexe_system_error_file_missing_etc
CBeckett
New User
Registered: Sep 2010
From Other
Posted July 09, 2012
http://www.gog.com/en/support/the_chronicles_of_riddick_assault_on_dark_athena/dvmdll_errors_darkathenaexe_system_error_file_missing_etc
bellatori
Bellatori
Registered: May 2010
From United Kingdom
Posted July 09, 2012
Clearly this matter IS NOT SOLVED.
I have found a work around but I have to say I am not very happy about this. I use McAfee.
1. Turn off the on access scanner before installing.
2. Install the game.
3. Make a backup of the DVM.dll file
The game should now run BUT if you do so having turned the on access scanner back on you will find that the game does not run and the DVM.dll has been deleted. If you scan the file it is reported as a virus (it isn't) and again will be deleted hence the need for a back up to copy into the game folder if this happens.
I have sent the file to McAfee Avert labs so they should white flag it eventually.
Bottom line is that this is a very poor effort by GoG. Guys, I love what you do but this isn't up to your usual standard.
I have found a work around but I have to say I am not very happy about this. I use McAfee.
1. Turn off the on access scanner before installing.
2. Install the game.
3. Make a backup of the DVM.dll file
The game should now run BUT if you do so having turned the on access scanner back on you will find that the game does not run and the DVM.dll has been deleted. If you scan the file it is reported as a virus (it isn't) and again will be deleted hence the need for a back up to copy into the game folder if this happens.
I have sent the file to McAfee Avert labs so they should white flag it eventually.
Bottom line is that this is a very poor effort by GoG. Guys, I love what you do but this isn't up to your usual standard.
onebuyer
leaving
Registered: Feb 2011
From Germany
Posted July 09, 2012
@McAfee users - TRY THIS.
There might be a simple solution. At least if one could trust virustotal.com.
https://www.virustotal.com/file/e974dd25c218b339de4a83987e3bc026a8b58fab169a2e19672cd9f76480f73a/analysis/
McAfee didn't detect my recompressed version and you could do it yourself.
Download UPX from upx.sourceforge.net.
Open up the command line and change to the directory containing dvm.dll.
Copy upx.exe inside that folder.
Type "upx -9 dvm.dll" on the command line (backup your original dvm.dll first).
NOTE: I didn't verify it on a LOCAL installation of McAfee. I relied on virustotal.com
EDIT:
Verified on a local copy of McAfee AntiVirus 2012 - including todays AV signatures.
Neither ON-DEMAND nor ON-ACCESS detects the upx compressed file as malware (in whatever sense). McAfee still complains about the original (uncompressed) file.
At least it's now working on McAfee "protected" PC's without any complains.
There might be a simple solution. At least if one could trust virustotal.com.
https://www.virustotal.com/file/e974dd25c218b339de4a83987e3bc026a8b58fab169a2e19672cd9f76480f73a/analysis/
McAfee didn't detect my recompressed version and you could do it yourself.
Download UPX from upx.sourceforge.net.
Open up the command line and change to the directory containing dvm.dll.
Copy upx.exe inside that folder.
Type "upx -9 dvm.dll" on the command line (backup your original dvm.dll first).
NOTE: I didn't verify it on a LOCAL installation of McAfee. I relied on virustotal.com
EDIT:
Verified on a local copy of McAfee AntiVirus 2012 - including todays AV signatures.
Neither ON-DEMAND nor ON-ACCESS detects the upx compressed file as malware (in whatever sense). McAfee still complains about the original (uncompressed) file.
At least it's now working on McAfee "protected" PC's without any complains.
Post edited July 10, 2012 by onebuyer
jr135659
New User
Registered: Aug 2011
From United Kingdom
Posted July 12, 2012
There might be a simple solution. At least if one could trust virustotal.com.
https://www.virustotal.com/file/e974dd25c218b339de4a83987e3bc026a8b58fab169a2e19672cd9f76480f73a/analysis/
McAfee didn't detect my recompressed version and you could do it yourself.
Download UPX from upx.sourceforge.net.
Open up the command line and change to the directory containing dvm.dll.
Copy upx.exe inside that folder.
Type "upx -9 dvm.dll" on the command line (backup your original dvm.dll first).
NOTE: I didn't verify it on a LOCAL installation of McAfee. I relied on virustotal.com
EDIT:
Verified on a local copy of McAfee AntiVirus 2012 - including todays AV signatures.
Neither ON-DEMAND nor ON-ACCESS detects the upx compressed file as malware (in whatever sense). McAfee still complains about the original (uncompressed) file.
At least it's now working on McAfee "protected" PC's without any complains.
I hope mcefee whitelists this file oneday.
Post edited July 12, 2012 by jr135659
onebuyer
leaving
Registered: Feb 2011
From Germany
Posted July 13, 2012
I hope mcefee whitelists this file oneday.
I've send them an e-mail.
Cyker
New User
Registered: Mar 2011
From United Kingdom
Posted July 20, 2012
Did anything come of this?
I wanted to play this on my laptop, but due to security measures in my workplace we have to have company-controlled AV installed if we want to connect non-work systems to the network. (Which I have to because they won't give me a company laptop...)
The AV in this case is Sophos and it is updated and configured via a remote server so I can't add an exception and I'm pretty sure the IT people won't allow it for me!
I've sent Sophos a sample of the dark athena exe, which gets flagged with a warning, and the dvm.dll, but smeg knows when/if anything will come of that...
I wanted to play this on my laptop, but due to security measures in my workplace we have to have company-controlled AV installed if we want to connect non-work systems to the network. (Which I have to because they won't give me a company laptop...)
The AV in this case is Sophos and it is updated and configured via a remote server so I can't add an exception and I'm pretty sure the IT people won't allow it for me!
I've sent Sophos a sample of the dark athena exe, which gets flagged with a warning, and the dvm.dll, but smeg knows when/if anything will come of that...
onebuyer
leaving
Registered: Feb 2011
From Germany
Posted July 21, 2012
I wanted to play this on my laptop, but due to security measures in my workplace we have to have company-controlled AV installed if we want to connect non-work systems to the network. (Which I have to because they won't give me a company laptop...)
The AV in this case is Sophos and it is updated and configured via a remote server so I can't add an exception and I'm pretty sure the IT people won't allow it for me!
I've sent Sophos a sample of the dark athena exe, which gets flagged with a warning, and the dvm.dll, but smeg knows when/if anything will come of that...
https://www.virustotal.com/file/ca8fe8d6f44f7503735d7a664e3809254ba120a8b306a6fd180a5f467f62661a/analysis/
Gizmojunk
New User
Registered: Apr 2009
From United States
Posted July 22, 2012
It's not just McAfee making a false positive; AVG also flags it and deletes it. If you restore it from their 'virus vault', it deletes it again.
It might be the result of a recent update, because I was able to install and complete both the original game and the expansion, but now AVG deletes the file.
*Trying to send it in as a false positive seems to fail when I use their integrated procedure for this.
Update: I have sent my copy of the Dll to Grisoft for analysis, and they have confirmed it as a false positive for AVG. It will be addressed in the next update.
(It has been addressed; I no longer have an issue with it.)
It might be the result of a recent update, because I was able to install and complete both the original game and the expansion, but now AVG deletes the file.
*Trying to send it in as a false positive seems to fail when I use their integrated procedure for this.
Update: I have sent my copy of the Dll to Grisoft for analysis, and they have confirmed it as a false positive for AVG. It will be addressed in the next update.
(It has been addressed; I no longer have an issue with it.)
Post edited July 24, 2012 by Gizmojunk
jr135659
New User
Registered: Aug 2011
From United Kingdom
Posted September 02, 2012
I hope mcefee whitelists this file oneday.
I've send them an e-mail.
I've also added this file to my Ad-Aware ignore list to stop Ad-aware from touching this file again.
As of now I can confirm that 'Riddick' works properly with this re-compressed file.
Thank you for your help and support in this problem.
Post edited September 02, 2012 by jr135659
BAZ
tp://rainwave.cc
Registered: Apr 2012
From United States
Posted August 28, 2013
I'd also like a post from gog, not a simple "its ok (we think" type of post, one where they looked into the coding, and can explicitly tell us we will have no problems.
If we remove the dll, and it then asks us to instal targes whatever, then it IS DRM, simple.
No game from gog should ever ask us to install drm, even if we delete a file or whatnot.
I'll be putting off buying this again till it is 100% donfirmed drm free (even if it has no drm in its code, it still shouldn't ask us to install it after the fact).
If we remove the dll, and it then asks us to instal targes whatever, then it IS DRM, simple.
No game from gog should ever ask us to install drm, even if we delete a file or whatnot.
I'll be putting off buying this again till it is 100% donfirmed drm free (even if it has no drm in its code, it still shouldn't ask us to install it after the fact).
MT89
New User
Registered: Sep 2013
From United States
Posted September 22, 2013
There might be a simple solution. At least if one could trust virustotal.com.
https://www.virustotal.com/file/e974dd25c218b339de4a83987e3bc026a8b58fab169a2e19672cd9f76480f73a/analysis/
McAfee didn't detect my recompressed version and you could do it yourself.
Download UPX from upx.sourceforge.net.
Open up the command line and change to the directory containing dvm.dll.
Copy upx.exe inside that folder.
Type "upx -9 dvm.dll" on the command line (backup your original dvm.dll first).
NOTE: I didn't verify it on a LOCAL installation of McAfee. I relied on virustotal.com
EDIT:
Verified on a local copy of McAfee AntiVirus 2012 - including todays AV signatures.
Neither ON-DEMAND nor ON-ACCESS detects the upx compressed file as malware (in whatever sense). McAfee still complains about the original (uncompressed) file.
At least it's now working on McAfee "protected" PC's without any complains.
Am I doing something wrong or is there something I'm missing in the command line? I am a novice with using command lines at all, so I'm not sure I'm putting everything in correctly.