ArcGIS Blog

Administration

ArcGIS Trust Center

Anti-Virus False Positive Alerts for Desktop 10.6

By Michael Young

The file regESRIRegASM.dll is being incorrectly being flagged as being infected by a small number of Anti-virus products for ArcGIS Desktop 10.6.  We have already confirmed this as a false positive with the Anti-virus vendors and are waiting for them to update their signature lists.  The file is found in: C:\Program Files (x86)\Common Files\ArcGIS\bin

Most AV scanners do not flag the file as suspicious, which can be confirmed on the VirusTotal website here:

https://www.virustotal.com/#/file/47c048741eeb21049d82ac0ae73533e1803f14678515e72a8531068f172eff02/detection

Notes (Updated 8/10/18):

  • This issue represents a false positive. This DLL is *NOT* malware.
  • There was some incorrect information posted to the web that this issue affects 10.6.1.  The false positive alerts are only for ArcGIS Desktop 10.6
  • McAfee whitelisted the relevant files on 8/10 and will no longer alert with a false positive
  • Some less frequently used AV products continue to alert with false positives – We have notified them of the issue.  An immediate resolution for our customers is to update to 10.6.1.

 

  • Esri Software Security & Privacy

Share this article