Gen:trojan.heur.564e44? File Incriminated Nil32.dll

Hi!


Got this so called Trojan bloked as I tried to load Civilisation III from Infogrammes.


I know it cannot come from the game, as I have reinstalled it, and BDF still blocks it. I think it is a false positive, but I cannot do anything about it as the "suspicious" file is created at the application launch.


Therefore I cannot even send the file NIL32.dll.


Also, this Trojan appears on your German subjects bank with a de"scription link, but detail link for this subject isn't working: http://forum.bitdefender.com/index.php?showtopic=11283


Question: is this not obviously a false positive? If this is the case, how do I go about solving the problem in order to plan Civilisation III?


If it is indeed a Trojan, how come it pops up with the launching of Civilisaation III?


Thank you for your feedback.

Comments

  • Hi!


    Got this so called Trojan bloked as I tried to load Civilisation III from Infogrammes.


    I know it cannot come from the game, as I have reinstalled it, and BDF still blocks it. I think it is a false positive, but I cannot do anything about it as the "suspicious" file is created at the application launch.


    Therefore I cannot even send the file NIL32.dll.


    Also, this Trojan appears on your German subjects bank with a de"scription link, but detail link for this subject isn't working: http://forum.bitdefender.com/index.php?showtopic=11283


    Question: is this not obviously a false positive? If this is the case, how do I go about solving the problem in order to plan Civilisation III?


    If it is indeed a Trojan, how come it pops up with the launching of Civilisaation III?


    Thank you for your feedback.


    Hi,


    I've just seen that I forgot to send you the file. So here is a copy of the file and its attachement in the quarantine folder.


    Also, I've seen this lab has also been working on it: http://analysis.avira.com/samples/details....cidentid=166543


    Thank you in advance for the follow up.


    Regards.

    /applications/core/interface/file/attachment.php?id=4505" data-fileid="4505" rel="">Quarantine.rar

  • We're working on it. Thanks for the report.

  • We're working on it. Thanks for the report.


    Thank you for keeping me posted. Good work.

  • Thank you for keeping me posted. Good work.


    Detection will be removed after next update. That should be in a few hours.


    Have a nice day!

  • depassage
    edited January 2009
    Detection will be removed after next update. That should be in a few hours.


    Have a nice day!


    Thanks Danton. Euh, question: do you also cut off heads? lol!


    Have a nice day!


    Chris


    P.S.: how do I close post with resolved?

  • Thanks Danton. Euh, question: do you also cut off heads? lol!


    Have a nice day!


    Chris


    P.S.: how do I close post with resolved?


    I cut off heads only when I'm really . :)


    Don't worry about the topic/post.

  • I cut off heads only when I'm really ######. :)


    Don't worry about the topic/post.


    OK Thanks Danton. Keep up the good work and humour!