Update 49 is now available for testing on the PTS! You can read the latest patch notes here: https://forums.elderscrollsonline.com/en/categories/pts
Maintenance for the week of January 19:
• PC/Mac: No maintenance – January 19
• NA megaservers for patch maintenance – January 21, 4:00AM EST (9:00 UTC) - 10:00AM EST (15:00 UTC)
• EU megaservers for patch maintenance – January 21, 9:00 UTC (4:00AM EST) - 15:00 UTC (10:00AM EST)
• PC/Mac: No maintenance – January 19
• NA megaservers for patch maintenance – January 21, 4:00AM EST (9:00 UTC) - 10:00AM EST (15:00 UTC)
• EU megaservers for patch maintenance – January 21, 9:00 UTC (4:00AM EST) - 15:00 UTC (10:00AM EST)
[Bug] My AV software is finding high-threat risks in ESO?
Sintao
✭✭✭
Windows 10 Professional 64 bit
No peer to peer, file-sharing or other risky endeavours (this is a work PC!)
AV = Norton Internet Security
Noting now this is probably not A Big Thing.
I note that a threat may or may not exist.
Still, posting here in case it is due to an intended action by ESO files.
The dll in question seems to be have created via JAVA (javaw.exe, used when you do not want a console window to appear).
Summary:
Filename: libcef.dll
Threat name: Heur.AdvML.CFull Path: s:\games\eso\launcher\libcef.dll
On computers as of 13/12/2016 at 11:30:29 PM
Last Used 9/08/2017 at 9:21:15 PM
Startup Item No
Launched No
Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.
libcef.dll Threat name: Heur.AdvML.C
Many Users. Hundreds of thousands of users in the Norton Community have used this file.
Mature. This file was released 3 years 11 months ago.
High. This file risk is high.
Source: External Media
Source File: javaw.exe
File Created: libcef.dll
File Actions Infected file: s:\Games\ESO\Launcher\ libcef.dll Restart Required
File Thumbprint - SHA: 1a70fc720f0eec1ebd614cb2bf9036e454c77ea64ccd6d5a38b287193907f84d
File Thumbprint - MD5: a3d088bf242e4c8312813ec6f94bb1b9
No peer to peer, file-sharing or other risky endeavours (this is a work PC!)
AV = Norton Internet Security
Noting now this is probably not A Big Thing.
I note that a threat may or may not exist.
Still, posting here in case it is due to an intended action by ESO files.
The dll in question seems to be have created via JAVA (javaw.exe, used when you do not want a console window to appear).
Summary:
Filename: libcef.dll
Threat name: Heur.AdvML.CFull Path: s:\games\eso\launcher\libcef.dll
On computers as of 13/12/2016 at 11:30:29 PM
Last Used 9/08/2017 at 9:21:15 PM
Startup Item No
Launched No
Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.
libcef.dll Threat name: Heur.AdvML.C
Many Users. Hundreds of thousands of users in the Norton Community have used this file.
Mature. This file was released 3 years 11 months ago.
High. This file risk is high.
Source: External Media
Source File: javaw.exe
File Created: libcef.dll
File Actions Infected file: s:\Games\ESO\Launcher\ libcef.dll Restart Required
File Thumbprint - SHA: 1a70fc720f0eec1ebd614cb2bf9036e454c77ea64ccd6d5a38b287193907f84d
File Thumbprint - MD5: a3d088bf242e4c8312813ec6f94bb1b9
0
-
xRIVALENx✭✭✭Head on over to Virus Total and submit the dll in question for analysis, more than likely a false positive.0 -
SHADOW2KK✭✭✭✭✭
✭✭I use Norton and never had issues with ESO, try setting an exception to it in Firewall, set to allow, auto might be tripping it.Once I was a lamb, playing in a green field. Then the wolves came. Now I am an eagle and I fly in a different universe.
Been taking heads since TeS 3 Morrowind..
Been enjoying PvP tears since 2014
LvL 50 - Dragon Knight EP [PC-EU] = Illuvutar = Ex The Wabbajack = (Stam DK)
LvL 50 - Night Blade DC [PC-EU] = Legendary Blades = Evil Ninja/Dueller = (StamBlade)
LvL 50 - Sorcerer DC [PC-EU] = Daemon Lord = (Mag Sorc)
LvL 50 - Dragon Knight DC [PC-EU] = Khal-Bladez = (Mag DK)
LvL 50 - Dragon Knight DC [PC-EU] = Tenakha Khan = (Stam DK)
LvL 50 - Templar DC [PC-EU]] = Blades The Disgruntled = (Stamplar)
LvL 50 - Night Blade DC [PC-EU] = Ghost Blades = (Assassin)
LvL 50 - Night Blade DC [PC-EU] = Malekith The Shadow = (Mag NB)
LvL 50 - Warden DC [PC-EU] = Crimson Blades = (Stamden)
Guild Master of The Bringers Of The Storm.
Harrods
Member Of The Old Guard
PC Closed Betas 2013
PC Mastah Race
Anook Page anook.com/shadow2kk
Been playing since Beta and Early Access0 -
Sintao✭✭✭Okay, I looked into this (deep dive) , and traced it back to (maybe) an AddOn. Reinstalling the AddOn corrected this. I also note libcef.dll is a Chromium Embedded DLL. The alert seems to be based on a Norton heuristic detection and as mentioned in my OP is likely no big deal.
Virus total sees it as clean. Most likely a false positive. I will begin a discussion on esoui for the AddOn is question.
Thanks for the feedback @SHADOW2KK and @xRIVALENx !0 -
SHADOW2KK✭✭✭✭✭
✭✭Okay, I looked into this (deep dive) , and traced it back to (maybe) an AddOn. Reinstalling the AddOn corrected this. I also note libcef.dll is a Chromium Embedded DLL. The alert seems to be based on a Norton heuristic detection and as mentioned in my OP is likely no big deal.
Virus total sees it as clean. Most likely a false positive. I will begin a discussion on esoui for the AddOn is question.
Thanks for the feedback @SHADOW2KK and @xRIVALENx !
Nice one, and your welcome:}Once I was a lamb, playing in a green field. Then the wolves came. Now I am an eagle and I fly in a different universe.
Been taking heads since TeS 3 Morrowind..
Been enjoying PvP tears since 2014
LvL 50 - Dragon Knight EP [PC-EU] = Illuvutar = Ex The Wabbajack = (Stam DK)
LvL 50 - Night Blade DC [PC-EU] = Legendary Blades = Evil Ninja/Dueller = (StamBlade)
LvL 50 - Sorcerer DC [PC-EU] = Daemon Lord = (Mag Sorc)
LvL 50 - Dragon Knight DC [PC-EU] = Khal-Bladez = (Mag DK)
LvL 50 - Dragon Knight DC [PC-EU] = Tenakha Khan = (Stam DK)
LvL 50 - Templar DC [PC-EU]] = Blades The Disgruntled = (Stamplar)
LvL 50 - Night Blade DC [PC-EU] = Ghost Blades = (Assassin)
LvL 50 - Night Blade DC [PC-EU] = Malekith The Shadow = (Mag NB)
LvL 50 - Warden DC [PC-EU] = Crimson Blades = (Stamden)
Guild Master of The Bringers Of The Storm.
Harrods
Member Of The Old Guard
PC Closed Betas 2013
PC Mastah Race
Anook Page anook.com/shadow2kk
Been playing since Beta and Early Access0