Yeet_Yap1 Posted November 17, 2020 ID:1421383 Share Posted November 17, 2020 Just now, Yeet_Yap1 said: For me war thunder was flagged as a Trojan at first but immediately after I got another notification saying that it is compromised, I downloaded the game from Steam here is the file : Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/17/20 Protection Event Time: 4:37 PM Log File: 2f1fd160-28b0-11eb-8929-dc4a3e5fe4c4.json -Software Information- Version: 4.2.3.96 Components Version: 1.0.1104 Update Package Version: 1.0.33014 License: Trial -System Information- OS: Windows 10 (Build 18362.959) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Compromised Domain: IP Address: 112.30.110.36 Port: 34186 Type: Outbound File: C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (end) and here was the Trojan file (I actually got two Trojans, both sent at the same time but here is one of them): Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/17/20 Protection Event Time: 4:37 PM Log File: 2f139e2c-28b0-11eb-8296-dc4a3e5fe4c4.json -Software Information- Version: 4.2.3.96 Components Version: 1.0.1104 Update Package Version: 1.0.33014 License: Trial -System Information- OS: Windows 10 (Build 18362.959) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: IP Address: 120.63.157.52 Port: 20668 Type: Outbound File: C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (end) (PS: Ever since I got War Thunder, all my games have been glitching out either by having visual bugs or other stuff but its gone now) Its probably bc I broke my PC screen on the same day I got War Thunder but I just wantedto point that out) Link to post Share on other sites More sharing options...
Staff JPopovic Posted November 17, 2020 Staff ID:1421408 Share Posted November 17, 2020 Hello, VirusTotal detects some potentially malicious files for 112.30.110.36 IP address. Here is the link to one of those files: http://112.30.110.36:54831/Mozi.a And here is the VT detection of that file: https://www.virustotal.com/gui/file/12013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0ef/detection This file also: http://112.30.110.36:54831/Mozi.m/ Due to that we wouldn't be able to remove the block from 112.30.110.36. The other IP address (120.63.157.52) looks clean now and the block will be removed. Thank you! Link to post Share on other sites More sharing options...
SteveS_66 Posted November 18, 2020 ID:1421609 Share Posted November 18, 2020 I got eight (8) potential threats blocked for WT Launcher on Tuesday after the latest update. I seem to get them constantly but the game still works fine, so don't worry about them. Malwarebytes even quarantined two (2) items "bpreport.exe" & "latest.zip" on 29/10/20 and the game still worked fine. Seems weird how they include all dodgy files in the updates, but they don't seem to affect the game at all if blocked or quarantined. Anyway, new WT update looks good with DLSS now. Just a shame all my tanks are made of paper mache....apparently...😁. Link to post Share on other sites More sharing options...
SteveS_66 Posted November 18, 2020 ID:1421612 Share Posted November 18, 2020 @Yeet_Yap1yeah, I used to play on a laptop & it used to struggle with WT, esp. when I found out the HD Drive was damaged. I replace it with a SSD & that helped heaps. Maybe check to see if your HD is damaged at all (you mentioned you may have damaged it)? I splurged on a new desktop with RTX 2070S (although now I wish I'd waited for the 3000 series..doh) & it makes the world of difference having a decent graphics card & memory etc. Hopefully see you on the battlefield. Cheers. Link to post Share on other sites More sharing options...
Manaphy0220 Posted November 18, 2020 Author ID:1421615 Share Posted November 18, 2020 @thisisu Sorry for answering after such a long time. Were my files clear as well as those of the other user? Link to post Share on other sites More sharing options...
SteveS_66 Posted December 21, 2020 ID:1428463 Share Posted December 21, 2020 Just got the latest update for War Thunder (2.3.0.27) & got another eleven (11) Potential threats blocked (malicious websites). Pretty annoying but eh, merry Xmas everyone & here's to a better year then 2020. See you on the battlefield:-) Link to post Share on other sites More sharing options...
kibaxinuzuka1 Posted January 25, 2022 ID:1499152 Share Posted January 25, 2022 I'm getting Trojan and Malware warnings when I'm updating War Thunder but I think it might be because War Thunder use peer-to-peer connection like World of Warships does I had download the file and check it on Virustotal website and it come back clean Link to post Share on other sites More sharing options...
Porthos Posted January 25, 2022 ID:1499153 Share Posted January 25, 2022 7 minutes ago, kibaxinuzuka1 said: I think it might be because War Thunder use peer-to-peer connection like World of Warships does You may exclude Torrent based software from the Web Protection component in Malwarebytes to stop the blocks from happening without compromising your protection (your web browser and other critical web facing programs will still be fully protected from malicious websites and other malicious content). To do so, add the game exe to your exclusions using the method described under the Exclude an Application that Connects to the Internet section of this support article. Link to post Share on other sites More sharing options...
kibaxinuzuka1 Posted January 25, 2022 ID:1499155 Share Posted January 25, 2022 1 minute ago, Porthos said: You may exclude Torrent based software from the Web Protection component in Malwarebytes to stop the blocks from happening without compromising your protection (your web browser and other critical web facing programs will still be fully protected from malicious websites and other malicious content). To do so, add the game exe to your exclusions using the method described under the Exclude an Application that Connects to the Internet section of this support article. It doesn't bother me as I seen it with World of Warships before and they told why it does so I'm not too worried about it I don't want to do that as it come up with different IP addresses so I don't mind Malwarebytes to block them as it show that it is doing what it should be doing Link to post Share on other sites More sharing options...
Porthos Posted January 25, 2022 ID:1499156 Share Posted January 25, 2022 2 minutes ago, kibaxinuzuka1 said: It doesn't bother me as I seen it with World of Warships before and they told why it does so I'm not too worried about it I don't want to do that as it come up with different IP addresses so I don't mind Malwarebytes to block them as it show that it is doing what it should be doing You posted like you wanted a fix. If you are not looking for help why did you post on a over one year old topic? Link to post Share on other sites More sharing options...
kibaxinuzuka1 Posted January 25, 2022 ID:1499157 Share Posted January 25, 2022 Just now, Porthos said: You posted like you wanted a fix. If you are not looking for help why did you post on a over one year old topic? I panic about it then realise I had the same problem before Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now