Jump to content


Malware warning on update?


  • Please log in to reply
23 replies to this topic

RambunctiousRat #1 Posted 21 February 2018 - 09:22 AM

    Private

  • Player
  • 7562 battles
  • 18
  • Member since:
    01-27-2015

Hi folks,

When I fired up Game centre this morning it tried to apply a patch to WoT, but Bullguard, my anti virus software kicked in saying it had stopped an infected file. The details it gave were as follows (I've copied and pasted rather than trying to post a screen shot); 

 

Infected object: dl-wot-gc.wargaming.net/eu/patches/wot_9.22.0.777_eu/wot_9.22.15619_9.22.15024_client.wgpkg

Malware: Exploit.CVE-2007-0071.Gen
Infected process: [11560] C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

21/02/2018 08:06:49

 

I've been playing the game for about 6 months again after a long break and this is the first time I've got any sort of warning when applying patches. I've tried WoT and it starts up fine so I'm guessing the patch did get applied, but has anyone else experienced this? Is it just my virus blocker having a moment? Anyone else use Bullguard and get the same alert?

Maybe Bullguard is secretly trying to spare me the pain of playing light tanks on a constant rotation of Paris, Kharkov, Himmelsdorf, Pilsen and Stalingrad!

 

Cheers

Rat



SABAOTH #2 Posted 21 February 2018 - 09:24 AM

    Major

  • Player
  • 36420 battles
  • 2,908
  • [-133-] -133-
  • Member since:
    08-28-2011

View PostRambunctiousRat, on 21 February 2018 - 09:22 AM, said:

Hi folks,

When I fired up Game centre this morning it tried to apply a patch to WoT, but Bullguard, my anti virus software kicked in saying it had stopped an infected file. The details it gave were as follows (I've copied and pasted rather than trying to post a screen shot); 

 

Infected object: dl-wot-gc.wargaming.net/eu/patches/wot_9.22.0.777_eu/wot_9.22.15619_9.22.15024_client.wgpkg

Malware: Exploit.CVE-2007-0071.Gen
Infected process: [11560] C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

21/02/2018 08:06:49

 

I've been playing the game for about 6 months again after a long break and this is the first time I've got any sort of warning when applying patches. I've tried WoT and it starts up fine so I'm guessing the patch did get applied, but has anyone else experienced this? Is it just my virus blocker having a moment? Anyone else use Bullguard and get the same alert?

Maybe Bullguard is secretly trying to spare me the pain of playing light tanks on a constant rotation of Paris, Kharkov, Himmelsdorf, Pilsen and Stalingrad!

 

Cheers

Rat

 

Did you install any mod before?

8126Jakobsson #3 Posted 21 February 2018 - 09:28 AM

    Major

  • Player
  • 61160 battles
  • 2,586
  • Member since:
    12-20-2014
Don't know about that but my game has crashed twice since the update, so something is up to no good I tell you.

SABAOTH #4 Posted 21 February 2018 - 09:30 AM

    Major

  • Player
  • 36420 battles
  • 2,908
  • [-133-] -133-
  • Member since:
    08-28-2011

View Post8126Jakobsson, on 21 February 2018 - 09:28 AM, said:

Don't know about that but my game has crashed twice since the update, so something is up to no good I tell you.

 

Probably WG decided to turn WoT in some giant botnet to mine bitcoin for Rassha world domination.

 

That would be cool :girl:


Edited by SABAOTH, 21 February 2018 - 09:30 AM.


RambunctiousRat #5 Posted 21 February 2018 - 09:32 AM

    Private

  • Player
  • 7562 battles
  • 18
  • Member since:
    01-27-2015
Sorry, should have said, it's a clean, vanilla WoT install, no mods at all. 

_CrownVictoria_ #6 Posted 21 February 2018 - 09:36 AM

    Corporal

  • Player
  • 24177 battles
  • 163
  • [REBLS] REBLS
  • Member since:
    07-19-2012
https://thearmoredpa...ecurity-breach/

Cobra6 #7 Posted 21 February 2018 - 09:36 AM

    Field Marshal

  • Beta Tester
  • 16295 battles
  • 15,018
  • [RGT] RGT
  • Member since:
    09-17-2010

Don't use the Wargaming centre, it's useless bloatware to begin with.

 

I know you have to use it if you want to play World of Warplanes because in that respect Wargaming is as f@cking annoying as Ubisoft and EA trying to enforce their own custom launchers despite us already having perfectly working launchers to begin with.

 

Cobra 6



Geno1isme #8 Posted 21 February 2018 - 09:38 AM

    Lieutenant General

  • Player
  • 40053 battles
  • 6,629
  • [TRYIT] TRYIT
  • Member since:
    09-03-2013

Most likely a false positive. The signature is for a malware that targeted a buffer overflow in flash player versions in 2007: https://www.mcafee.c....aspx?id=145075

 

As the WoT client (and probably the game center as well) is also using actionscript (same as flash player) in some parts your "security" software probably triggered due to some code fragment looking similar to that ancient malware sample. It's rather unlikely for such an old piece of malware to be actively used in the wild today as the attack vectors used back then are long gone.



Angelo51 #9 Posted 21 February 2018 - 10:54 AM

    Staff Sergeant

  • Player
  • 63761 battles
  • 311
  • [HELL5] HELL5
  • Member since:
    12-30-2012

View PostRambunctiousRat, on 21 February 2018 - 09:22 AM, said:

Hi folks,

When I fired up Game centre this morning it tried to apply a patch to WoT, but Bullguard, my anti virus software kicked in saying it had stopped an infected file. The details it gave were as follows (I've copied and pasted rather than trying to post a screen shot); 

 

Infected object: dl-wot-gc.wargaming.net/eu/patches/wot_9.22.0.777_eu/wot_9.22.15619_9.22.15024_client.wgpkg

Malware: Exploit.CVE-2007-0071.Gen
Infected process: [11560] C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

21/02/2018 08:06:49

 

I've been playing the game for about 6 months again after a long break and this is the first time I've got any sort of warning when applying patches. I've tried WoT and it starts up fine so I'm guessing the patch did get applied, but has anyone else experienced this? Is it just my virus blocker having a moment? Anyone else use Bullguard and get the same alert?

Maybe Bullguard is secretly trying to spare me the pain of playing light tanks on a constant rotation of Paris, Kharkov, Himmelsdorf, Pilsen and Stalingrad!

 

Cheers

Rat

 

​You may have to Grant Permission to let the Game pass through your Firewall that your AV is monitoring.  That can be done by going to settings on the Game Launcher. 

Edited by Angelo51, 21 February 2018 - 10:56 AM.


RambunctiousRat #10 Posted 21 February 2018 - 11:36 AM

    Private

  • Player
  • 7562 battles
  • 18
  • Member since:
    01-27-2015
Thanks for the replies folks

Pvt_Duffer #11 Posted 21 February 2018 - 11:37 AM

    Lieutenant Сolonel

  • Player
  • 16404 battles
  • 3,045
  • [WJDE] WJDE
  • Member since:
    05-11-2011

View Post_CrownVictoria_, on 21 February 2018 - 08:36 AM, said:

 

yes we had that all over the forum yesterday, 

 

nothing to fo with WG or WoT user is infected with linkmyc.com adware

 

 

 

@OP interesting that when you're told your computer may  be infected by something your first choice is to go on the internet and post about it

That's no the usual advice for dealing with viruses.,

 

 

I am starting to suspect that the AI forum bots have come up with a new wheeze to sow discontent.

 

 


Edited by Pvt_Duffer, 21 February 2018 - 11:42 AM.


Balc0ra #12 Posted 21 February 2018 - 12:24 PM

    Field Marshal

  • Player
  • 62839 battles
  • 14,441
  • [WALL] WALL
  • Member since:
    07-10-2012
Via what virus scanner? As I've not seen a single thing. As pointed out above. It's likely a false positive.

vuque #13 Posted 21 February 2018 - 12:27 PM

    Community Manager

  • WG Staff
  • 16809 battles
  • 2,401
  • [YOQ] YOQ
  • Member since:
    08-05-2010
Hello Commanders,
 
Thank you for sharing your concerns with us. We assure you that we are passing this information on to our developers and they are going to investigate it.
 
The security of the game is of utmost importance to us, therefore we are going to explore this thoroughly.
 
We will keep you updated!  


____Green____ #14 Posted 21 February 2018 - 01:12 PM

    Lance-corporal

  • Player
  • 15061 battles
  • 73
  • [L-G-N] L-G-N
  • Member since:
    01-12-2014

WG uses malware for monitoring background processes to catch cheaters, w**packers? :D 

 

Its bad, bad, bad....

bad, but good solution. :D Nice!

 

 



KillingJoker #15 Posted 21 February 2018 - 01:36 PM

    Second Lieutenant

  • Player
  • 28997 battles
  • 1,149
  • Member since:
    09-07-2015
I bet that mallware warning must be related to the obj 257 files since we all know its a broken piece of software

SlenderMoose #16 Posted 21 February 2018 - 01:58 PM

    Staff Sergeant

  • Player
  • 51906 battles
  • 335
  • [3V] 3V
  • Member since:
    05-04-2011
It get's better:



DexterHartmann #17 Posted 21 February 2018 - 02:37 PM

    Private

  • Player
  • 17308 battles
  • 4
  • [FA-PT] FA-PT
  • Member since:
    04-04-2012

View PostSlenderMoose, on 21 February 2018 - 12:58 PM, said:

It get's better:

 

I have the same problem :(

 



Strappster #18 Posted 21 February 2018 - 02:38 PM

    General

  • Player
  • 23609 battles
  • 8,782
  • [WJDE] WJDE
  • Member since:
    10-20-2015
I started the launcher on reading this thread and it initially told me that it couldn't connect to download updates, then 5 minutes later it popped up a message telling me it was updating Tanks and got on with it. Finished and all seems fine now.

DexterHartmann #19 Posted 21 February 2018 - 02:39 PM

    Private

  • Player
  • 17308 battles
  • 4
  • [FA-PT] FA-PT
  • Member since:
    04-04-2012

View PostDexterHartmann, on 21 February 2018 - 01:37 PM, said:

 

I have the same problem :(

 

 

Uhhh...had.

Seconds after the post above, I clciked the restart icon next to the Play button, for the 10th time, and it just started now :O.

Guess wg servers might have some to do it idk... Hope it works :)



imendars #20 Posted 21 February 2018 - 02:52 PM

    Second Lieutenant

  • Player
  • 10939 battles
  • 1,071
  • [T-D-U] T-D-U
  • Member since:
    04-17-2014
Some of the server hamsters drunk too much milk it seems. :trollface:




1 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users