FIX for DSETUP.DLL (Also known as DSETUP.0LL)

[Ssouky]

Playing from my corporate laptop, can't exclude anything from the McAffee list.
I tried everything but I can't turn down the anti-virus, and can't even extract the files : it gets deleted with a warning by the AV right away.

P99 might be finished for me :'(

[phacemeltar]

this is hardly a fix. if anything this post should be called "how to use your antivirus"

[EQLZ]

My last 4 days...
Last Thursday - Old friend emails me and says "Hey, remember EQ? There is this Project1999 site that is doing private server, old school Ruins of Kunark and it's free." If you still have your disks, check it out because I'm gonna start playing again and I think you should too."

Last Thursday Night - Locate my disks after rummaging through boxes I packed up a decade and a half ago. Install using the instructions, but had to go to bed before I could get to play.

Last Friday Night - Get off work, spent some time with the GF then logged on and started leveling a Barbar Shammy. Original UI, original models. Hit like level 5, decided to do some research, hit up your site, found instructions on the newer UI and the newer models, decided I'd toy with that Saturday morning.

Last Saturday - Modified everything, started playing with the new UI and the newer models. Played most of the day, but right after I logged off, which was almost exactly 3am, my daily AV scans popped up saying that DSETUP.DLL was a trojan. This concerned me, checked out the forums, read this thread then, decided to uninstall from my main system, did so, then ran exhaustive checks with 3 different AV products and 2 different malware/adware products. Scan came up clean, decided to put it to bed for the evening...

Yesterday - Because the combination of the trojan hit, your advice to just have it ignore the threat, and the fact that I am a little cautious in general...I decided to take the precaution of pulling my other system out and installing it on that one. My other system is essentially an anonymous PC, there is no personal information on it, it has never browsed my email, never been to my social media sites, nada. Installed, modified for the newer UI and models, ran an AV scan and it hit the same DLL as a trojan but I wanted to check it out, so I logged in and started playing. Played for about 4 hours, in windowed mode...all of a sudden Chrome opens, is made default browser, redirects to malware site, download starts, install starts, POWER BUTTON, restart and rollback to prior to actually logging in. Started real time monitoring on AV and malware apps, started task manager, loaded game again and logged in to start playing. All was fine for about 2 hours, then, all of a sudden IE opens, is made default and browser redirect to another malware site, download and install starts, AV catches it and its stopped in its tracks. I kill the browser, reset default browser, clear history, clear cache and temp files, logged back in. About another 3-4 hours pass, and it happens again with Chrome...so what's the deal?

And please don't give your standard response of "If you don't like it, don't play."...because after this happening to me, honestly; it makes you look suspect. Love EQ, really want to play, love that you guys are doing what you are doing, but peace of mind and personal information security is more important to me than all of that. I'm asking you to address a legitimate concern of someone who has experienced the trojan aspect that you are telling people to dismiss and ignore.

[Man0warr]

Quote:

Yesterday - Because the combination of the trojan hit, your advice to just have it ignore the threat, and the fact that I am a little cautious in general...I decided to take the precaution of pulling my other system out and installing it on that one. My other system is essentially an anonymous PC, there is no personal information on it, it has never browsed my email, never been to my social media sites, nada. Installed, modified for the newer UI and models, ran an AV scan and it hit the same DLL as a trojan but I wanted to check it out, so I logged in and started playing. Played for about 4 hours, in windowed mode...all of a sudden Chrome opens, is made default browser, redirects to malware site, download starts, install starts, POWER BUTTON, restart and rollback to prior to actually logging in. Started real time monitoring on AV and malware apps, started task manager, loaded game again and logged in to start playing. All was fine for about 2 hours, then, all of a sudden IE opens, is made default and browser redirect to another malware site, download and install starts, AV catches it and its stopped in its tracks. I kill the browser, reset default browser, clear history, clear cache and temp files, logged back in. About another 3-4 hours pass, and it happens again with Chrome...so what's the deal?

That's not caused from the DLL in the game's files that's for sure. If it was, there would be a lot more people reporting it.

[EQLZ]

Quote:

Originally Posted by Man0warr [You must be logged in to view images. Log in or Register.]

That's not caused from the DLL in the game's files that's for sure. If it was, there would be a lot more people reporting it.

I'm actually kind of stumped on troubleshooting the issue at this point. EQ Titanium is the only thing I've loaded since this started happening, and the only other application running while my EQ client is running is Skype so I can chat with my buddy that brought me to p1999. I've scrubbed the system numerous times, run scans with Malwarebytes, MS Security Essentials, and Spybot S&D after each play session and at least 100 vulnerabilities pop up with each scan. This only occurs while I have the EQ client running and it is somehow bypassing security measures that will catch and stop malware if I go to the same malware sites on my own in Chrome. When hitting those sites on my own, real time monitoring immediately alerts me of the threat and asks me if I want to prevent it from installing, yet while running the EQ client, without a browser process even running, the malware just flows in as if I have no security measures in place at all. At this point I am so frustrated that I'm having trouble justifying the annoyance in order to play EQ again.

[myriverse]

Quote:

Originally Posted by EQLZ [You must be logged in to view images. Log in or Register.]

Yesterday - Because the combination of the trojan hit, your advice to just have it ignore the threat, and the fact that I am a little cautious in general...I decided to take the precaution of pulling my other system out and installing it on that one. My other system is essentially an anonymous PC, there is no personal information on it, it has never browsed my email, never been to my social media sites, nada. Installed, modified for the newer UI and models, ran an AV scan and it hit the same DLL as a trojan but I wanted to check it out, so I logged in and started playing. Played for about 4 hours, in windowed mode...all of a sudden Chrome opens, is made default browser, redirects to malware site, download starts, install starts, POWER BUTTON, restart and rollback to prior to actually logging in. Started real time monitoring on AV and malware apps, started task manager, loaded game again and logged in to start playing. All was fine for about 2 hours, then, all of a sudden IE opens, is made default and browser redirect to another malware site, download and install starts, AV catches it and its stopped in its tracks. I kill the browser, reset default browser, clear history, clear cache and temp files, logged back in. About another 3-4 hours pass, and it happens again with Chrome...so what's the deal?

And please don't give your standard response of "If you don't like it, don't play."...because after this happening to me, honestly; it makes you look suspect. Love EQ, really want to play, love that you guys are doing what you are doing, but peace of mind and personal information security is more important to me than all of that. I'm asking you to address a legitimate concern of someone who has experienced the trojan aspect that you are telling people to dismiss and ignore.

Absolutely nothing like this is from anything having to do with P99. It's from something else you did with that computer.

[myriverse]

Quote:

Originally Posted by EQLZ [You must be logged in to view images. Log in or Register.]

Skype

That's likely your problem, right there.

[EQLZ]

I think I figured it out last night. I was able to play without any trouble at all, and during real time monitoring, and the scans I did after play just to be sure, no threats detected, so I should be good now. While I can't confirm this, when I loaded from the actual disks, the getting started instructions also mention WinEQ2 as a preemptive measure and that many players use it. So I downloaded it and unpacked it in the event that I'd need it. Didn't install it, but downloaded and extracted it just in case. From the best I can tell, something came through with the WinEQ2 download.