Is anyone else getting virus warnings from the tra.exe file in Tomb Raider Anniversary? This is from Tomb Raider Anniversary v1.0 (48900). I checked on VirusTotal.com and it's showing that 7 antivirus engines are flagging the file.

The SHA256 file hash of tra.exe is b43ade0d922b0f007747e5707b97c86404cbf4f051829e3711f7007a656ea53a

Can anyone else verify that the tra.exe file hasn't been altered?
Post edited January 26, 2022 by IronArcturus
IronArcturus: Is anyone else getting virus warnings from the tra.exe file in Tomb Raider Anniversary? This is from Tomb Raider Anniversary v1.0 (48900). I checked on VirusTotal.com and it's showing that 7 antivirus engines are flagging the file.

The SHA256 file hash of tra.exe is b43ade0d922b0f007747e5707b97c86404cbf4f051829e3711f7007a656ea53a

Can anyone else verify that the tra.exe file hasn't been altered?
Hello!
I'm having this very same issue. Because of that, the game can neither be downloaded correctly nor uninstalled. My antivirus gives me the option to mark the file as a false positive, but I did not do that until we receive a proper response.
Post edited January 29, 2022 by OmegaRazek
I am getting the same problem
2 months and no proper response? I just bought it because it's on sale and got the same warning from Avast... Does GOG not respond to forum posts?
AblazinEagle: 2 months and no proper response? I just bought it because it's on sale and got the same warning from Avast... Does GOG not respond to forum posts?
No, GOG doesn't read the forum, except the moderators, sort of. If you want a response from GOG, file a support request. What sort of response were you expecting? The sha256sum of tra.exe given above is the same as what you get after a fresh install. I don't get virus checker warnings, because I don't run virus checkers. I consider them to be a bigger scam/problem than the viruses themselves.
Yep, just bought it, downloaded the offline installers, and I get a ransomware alert.
File version 1.1.748.0 (the real one from the exe, not the fake one from the store page that says it's a 1.0 exe).
I'm getting the issue right now. Hasn't happened with a single other game in my library.
LOL. If you have a Windows PC and are using anything other than Defender you're being suckered. They are all useless and even shady.
Steam version
Uses PECompact to compress the executable and likely has Steam DRM.
Detection results on VirusTotal ( 7461663A67BC3B9E7324AFBD1E0AC8D4E092BD7083DDF147231A42A790814B0E ), 5 vendors detected issue, 63 vendors cleared / passed executable.
- Cybereason: Malicious.7e3cdb
- Malwarebytes: Malware.Heuristic.1001
- MaxSecure: Trojan.Malware.300983.susgen
- SecureAge APEX: Malicious
- Trapmine: Suspicious.low.ml.score

GOG version
Does not compress the executable.
Detection results on VirusTotal ( b43ade0d922b0f007747e5707b97c86404cbf4f051829e3711f7007a656ea53a ), 11 vendors detected issue, 57 vendors cleared / passed executable.
- Avast: FileRepMalware
- AVG: FileRepMalware
- Bkav Pro: W32.AIDetect.malware2
- Malwarebytes: Malware.Heuristic.1004
- McAfee: Artemis!3A2C29F0F077
- McAfee-GW-Edition: Artemis
- Sangfor Engine Zero: Riskware.Win32.FileRepMalware.at
- SecureAge APEX: Malicious
- SentinelOne (Static ML): Static AI - Suspicious PE
- Sophos: Generic ML PUA (PUA)
- Trapmine: Malicious.high.ml.score

Likely false positives: both Steam and GOG versions are flagged by heuristics, i.e. using educated guesses (rule or weight based) to detect potential malware / potential variants of existing malware. Actual signatures do not detect anything malicious.

VirusTotal allows (re)analysis of files already submitted and shows Vendor Detection, Details of Executable, Relations between executable to other files / registry and behavior of the executable. Just enter the hash in the search feature.

TL;DR: No detection using actual virus / malware signatures, however heuristics are flagging both Steam and GOG versions. Probably best to raise a support case with GOG if suspicious, they can contact the anti-malware vendors and ask for false positives to be removed.

EDIT: statistics, formatting and spelling
Post edited June 07, 2022 by Epicedium
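The triage described in the post above, written out as an added example that is not part of the original thread: it groups the GOG-build labels listed there by what kind of detection the name suggests. The marker patterns are assumptions made for this sketch, not a vendor-published taxonomy.

```python
import re

# Detection labels copied from the post above (GOG build of tra.exe).
GOG_LABELS = {
    "Avast": "FileRepMalware",
    "AVG": "FileRepMalware",
    "Bkav Pro": "W32.AIDetect.malware2",
    "Malwarebytes": "Malware.Heuristic.1004",
    "McAfee": "Artemis!3A2C29F0F077",
    "McAfee-GW-Edition": "Artemis",
    "Sangfor Engine Zero": "Riskware.Win32.FileRepMalware.at",
    "SecureAge APEX": "Malicious",
    "SentinelOne (Static ML)": "Static AI - Suspicious PE",
    "Sophos": "Generic ML PUA (PUA)",
    "Trapmine": "Malicious.high.ml.score",
}

# Assumed markers: substrings that suggest a generic verdict rather than
# a named malware family. Order matters: the first match wins.
GENERIC_MARKERS = [
    ("reputation", re.compile(r"filerep|artemis", re.I)),
    ("ml", re.compile(r"\bml\b|\bai\b|aidetect", re.I)),
    ("heuristic", re.compile(r"heur|susgen|suspicious|generic", re.I)),
]
# A bare verdict word, optionally followed by a hex suffix.
BARE_VERDICT = re.compile(r"(malicious|suspicious)(\.[0-9a-f]+)?", re.I)


def classify(label):
    """Return the detection kind a label name suggests."""
    if BARE_VERDICT.fullmatch(label.strip()):
        return "bare-verdict"
    for kind, pattern in GENERIC_MARKERS:
        if pattern.search(label):
            return kind
    # No generic marker: the name may refer to a specific family,
    # so it deserves a manual look rather than dismissal.
    return "named"


def triage(labels):
    """Group vendors by the kind of detection their label suggests."""
    buckets = {}
    for vendor, label in labels.items():
        buckets.setdefault(classify(label), []).append(vendor)
    return buckets


if __name__ == "__main__":
    for kind, vendors in triage(GOG_LABELS).items():
        print(f"{kind}: {', '.join(vendors)}")
```

An empty "named" bucket only says that no label names a specific family; it does not by itself prove the file is clean.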
I don't know which is the more important point: GOG cannot do that, or they shouldn't do that for you. Contact your security app software vendors yourself.

VirusTotal is not accurate. They have limited access to the apps' APIs. I don't know why, but sometimes MWB and Microsoft MSE\Defender do not detect what VT detects for them. And I mean cases when a re-scan didn't solve this. Sometimes a rescan fixes that too, ofc.

Why does this thread exist? It looks like it was made for the Steam exe (from the details), and it looks like just a few vendors, and all of them are non-trusted trashy ones. Avast, mentioned here, didn't find anything (for now). MWB can be a mistake from VT (for any reason). Anything else is malicious themselves.
QWEEDDYZ: I don't know which is the more important point: GOG cannot do that, or they shouldn't do that for you. Contact your security app software vendors yourself.

VirusTotal is not accurate. They have limited access to the apps' APIs. I don't know why, but sometimes MWB and Microsoft MSE\Defender do not detect what VT detects for them. And I mean cases when a re-scan didn't solve this. Sometimes a rescan fixes that too, ofc.

Why does this thread exist? It looks like it was made for the Steam exe (from the details), and it looks like just a few vendors, and all of them are non-trusted trashy ones. Avast, mentioned here, didn't find anything (for now). MWB can be a mistake from VT (for any reason). Anything else is malicious themselves.
STOP using any other AV than Defender. Fools.