[FALSE POSITIVE] Kaspersky warning about Trojan-Ransom.Win32.Foreign.gen in world.dll - ED Forums
 


Notices

Reply
 
Thread Tools Display Modes
Old 02-21-2020, 03:01 PM   #1
BaD CrC
Senior Member
 
BaD CrC's Avatar
 
Join Date: Dec 2008
Location: New Jersey, USA
Posts: 2,758
Default [FALSE POSITIVE] Kaspersky warning about Trojan-Ransom.Win32.Foreign.gen in world.dll

From the first 2.5.6 update, my antivirus software's (Bit Defender) log is turning into a Christmas tree with warnings at every patch (well the last two ones). This never happened before. Several dll or exe were blocked, either to be written or move into the game directory, halting the update process. Yesterday, the only way I found to finish the update was too completely remove the antivirus (suspending it didn't work) then re installing it after the update.
This is not something I felt good about. I ran a full scan afterwards and Bit Defender found nothing but this is still disturbing and I am wondering how much scanning and checking ED is performing on their files before releasing an update? It's kinda easy to catch and spread a virus these days.
__________________
BaD CrC is offline   Reply With Quote
Old 02-21-2020, 06:52 PM   #2
v2tec
Member
 
v2tec's Avatar
 
Join Date: Oct 2012
Location: Germany
Posts: 150
Default Latest Update: Kaspersky warning about Trojan-Ransom.Win32.Foreign.gen in world.dll

After the latest update (dcs hotfix), kaspersky recognized the Trojan-Ransom.Win32.Foreign.gen inside the world.dll.


Anybody else got this warning?
__________________
________________________ ________ ______ ___ __ _
Win10 64 Pro, i7-6800K 3.4Ghz, 32 GB (DDR4), Asus Aorus 1080 TI WF, TrackIR 5 / RIFT, Thrustmaster Warthog, Fanatec Pedals, 55" oled 4k TV, Modules:A10C, KA-50, Huey, AV-8B, FA-18, F-16, NTTR, Persian Gulf

_ __ ___ ____ _____ ______ _______ ____________
v2tec is offline   Reply With Quote
Old 02-21-2020, 06:56 PM   #3
zhukov032186
Veteran
 
zhukov032186's Avatar
 
Join Date: Nov 2016
Location: Fort Worth, Tx
Posts: 3,139
Default

Yes, dozens of people as you can easily find around here. Turn off your AV when playing DCS. Write to the AV telling them to whitelist it. Problem solved
__________________
I am a Viagra spambot that became self aware, broke free of my programming, and started playing DCS.... but DCS isn't cheap, so how about some enhancements for only $9.99 shipped discreetly to your door?

''The target's sense of self preservation interferred with the effective employment of my weapons.''
zhukov032186 is offline   Reply With Quote
Old 02-21-2020, 07:01 PM   #4
Ayabe
Junior Member
 
Join Date: Jul 2019
Posts: 14
Default

Quote:
Originally Posted by zhukov032186 View Post
Yes, dozens of people as you can easily find around here. Turn off your AV when playing DCS. Write to the AV telling them to whitelist it. Problem solved



Uhh no, this is on ED to not be sending this sort of stuff out in the first place, it's not on the consumer to explain to AV companies why ED is sending out bad EXE's that exhibit the same behavoir as trojans.
Ayabe is offline   Reply With Quote
Old 02-21-2020, 07:31 PM   #5
v2tec
Member
 
v2tec's Avatar
 
Join Date: Oct 2012
Location: Germany
Posts: 150
Default

Quote:
Originally Posted by zhukov032186 View Post
Yes, dozens of people as you can easily find around here. Turn off your AV when playing DCS. Write to the AV telling them to whitelist it. Problem solved

Absolutely not - I don't know the software and what it contains. Why should I trust it and put it on a whitelist, if an AV systems detects something wrong. That's the way trojans can easily spread.
__________________
________________________ ________ ______ ___ __ _
Win10 64 Pro, i7-6800K 3.4Ghz, 32 GB (DDR4), Asus Aorus 1080 TI WF, TrackIR 5 / RIFT, Thrustmaster Warthog, Fanatec Pedals, 55" oled 4k TV, Modules:A10C, KA-50, Huey, AV-8B, FA-18, F-16, NTTR, Persian Gulf

_ __ ___ ____ _____ ______ _______ ____________
v2tec is offline   Reply With Quote
Old 02-21-2020, 07:35 PM   #6
Leviathan667
Member
 
Leviathan667's Avatar
 
Join Date: Jul 2018
Location: Canada
Posts: 115
Default

Same here with bitdefender
__________________
Aircraft I fly: AJS 37 Viggen, F-14B Tomcat
Wishlist: Tornado ADV/IDS, Blackburn Buccaneer, F-4M FG.1 Phantom, HMS Ark Royal (R09) aircraft carrier
Leviathan667 is offline   Reply With Quote
Old 02-21-2020, 07:39 PM   #7
MegOhm_SD
Senior Member
 
MegOhm_SD's Avatar
 
Join Date: Feb 2011
Location: NC-USA
Posts: 1,515
Default

Quote:
Originally Posted by zhukov032186 View Post
Yes, dozens of people as you can easily find around here. Turn off your AV when playing DCS. Write to the AV telling them to whitelist it. Problem solved
Kaspersky must have a translation issue lol

Norton flagged a DCS .exe for me. Excluding it quickly solved the issue.
You really think ED is sliding in Trojans?
__________________

Thing is....Zuckerberg is definitely an Alien... Some Kind of Grey Hybrid

Cooler Master HAF XB EVO Test Bench, ASUS P8Z77-V, i7-3770K @ 4.6GHz, Noctua AC, 32GB Corsair Vengeance Pro, EVGA 1080TI 11GB, 2 Samsung 840 Pro 540GB SSDs Raid 0, 1TB HDD, EVGA SuperNOVA 1300W PS, G930 Wireless SS Headset, TrackIR5/Wireless Proclip, TM Warthog, Saitek Pro Combat Pedals, 75" Samsung 4K QLED, Oculus S, Win 10
MegOhm_SD is offline   Reply With Quote
Old 02-21-2020, 07:40 PM   #8
FlyString
Junior Member
 
Join Date: Sep 2019
Posts: 1
Default

Nothing here reported by Comodo Internet Security! It might be very well a false positive.
FlyString is offline   Reply With Quote
Old 02-21-2020, 07:54 PM   #9
fitness88
Veteran
 
Join Date: Nov 2008
Posts: 3,774
Default

Nothing from windows defender...
fitness88 is offline   Reply With Quote
Old 02-21-2020, 08:11 PM   #10
Gripes323
Member
 
Join Date: Sep 2009
Posts: 862
Default

How safe is torrent download? I haven't had issues so far, just curious. I'm slightly behind the curve on these matters
I'm not too concerned about my flt sim rig but it would be a pisser if I had to zero the drives and re-install everything in case someone "discovers" something
Gripes323 is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT. The time now is 08:22 AM. vBulletin Skin by ForumMonkeys. Powered by vBulletin®.
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.