False Positive? (Dragon Age: Origins file nxcharacter.dll)

I had this file (nxcharacter.dll) flagged on my scan just now with the latest definitions. Better safe than sorry it went in the chest and bit a boot scan. Just logged back in and did a google search and it seems I’m not the only one with the problem (Bioware forums thread).

Any advice? Wait till the next definitions are out and scan it again?

Thanks in advance.

have you tested the file at www.virustotal.com to see if any other AV detect this as malware?

Not personally, I just sent it straight to the chest, it looks like someone in that thread had though.

avast and one other scanner seem to think there is trojan in nxcharacter.dll

File name:
nxcharacter.dll
Submission date:
2011-06-04 14:20:57 (UTC)
Current status:
queued (#33) queued (#33) analysing finished
Result:
3/ 42 (7.1%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.06.04.00 2011.06.03 -
AntiVir 7.11.9.24 2011.06.04 -
Antiy-AVL 2.0.3.7 2011.06.04 -
Avast 4.8.1351.0 2011.06.04 Win32:Hiloti-CU
Avast5 5.0.677.0 2011.06.04 Win32:Hiloti-CU
AVG 10.0.0.1190 2011.06.04 -
BitDefender 7.2 2011.06.04 -
CAT-QuickHeal 11.00 2011.06.04 -
ClamAV 0.97.0.0 2011.06.04 -
Commtouch 5.3.2.6 2011.06.04 -
Comodo 8947 2011.06.04 -
DrWeb 5.0.2.03300 2011.06.04 -
Emsisoft 5.1.0.5 2011.06.04 -
eSafe 7.0.17.0 2011.06.02 -
eTrust-Vet 36.1.8366 2011.06.03 -
F-Prot 4.6.2.117 2011.06.03 -
F-Secure 9.0.16440.0 2011.06.04 -
Fortinet 4.2.257.0 2011.06.04 -
GData 22 2011.06.04 Win32:Hiloti-CU
Ikarus T3.1.1.104.0 2011.06.04 -
Jiangmin 13.0.900 2011.06.01 -
K7AntiVirus 9.104.4763 2011.06.03 -
Kaspersky 9.0.0.837 2011.06.04 -
McAfee 5.400.0.1158 2011.06.04 -
McAfee-GW-Edition 2010.1D 2011.06.04 -
Microsoft 1.6903 2011.06.04 -
NOD32 6179 2011.06.04 -
Norman 6.07.07 2011.06.04 -
nProtect 2011-06-04.01 2011.06.04 -
Panda 10.0.3.5 2011.06.04 -
PCTools 7.0.3.5 2011.06.03 -
Prevx 3.0 2011.06.04 -
Rising 23.60.03.09 2011.06.03 -
Sophos 4.66.0 2011.06.04 -
SUPERAntiSpyware 4.40.0.1006 2011.06.04 -
TheHacker 6.7.0.1.215 2011.06.02 -
TrendMicro 9.200.0.1012 2011.06.04 -
TrendMicro-HouseCall 9.200.0.1012 2011.06.04 -
VBA32 3.12.16.0 2011.06.03 -
VIPRE 9482 2011.06.04 -
ViRobot 2011.6.4.4496 2011.06.04 -
VirusBuster 14.0.67.1 2011.06.04 -
Additional information
Show all

sure looks like a FP only detected by avast! …

you can then upload the file from Chest to avast as a False Positive
https://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=501#idt_07

or send to virus @ avast.com in a password protected zip.file
mail subject: False Positive
Password: infected

you may add a link to this topic in the mail

Hi Pondus,

Here it is given as safe: http://spywaredlls.prevx.com/RRIIHC3820842/NXCHARACTER.DLL.html
the dll goes into the installation folder…
file has a history of developer problems to run on windows back in 2009, could that have been a reason for this recent avast FP??
See: http://forums.developer.nvidia.com/index.php?showtopic=2702&mode=linear
posted in the Developer Zone section by author of posting, SoleFly

Also see the report on nxcharacter.dll and avast detection here: http://social.bioware.com/forum/Dragon-Age-Origins/Dragon-Age-Origins-PC-Technical-Support/Avast-Anti-virus-and-nxcharacterdll--7533568-1.html
author of posting at that forum is RaenImrahl, see : http://social.bioware.com/2003484/

polonus

I can confirm false positive alert on this file with current VPS. FP is internally fixed, new VPS will be distributed in few hours.