Jump to content
You need to play a total of 20 battles to post in this section.
Velfurious

Can someone explain this Malwarebytes detection?

10 comments in this topic

Recommended Posts

9
[RCNW]
Members
6 posts
11,466 battles

This popped up when I clicked play in the Wargaming Game Center:

 image.png.68ff1b38f841d9222b1aafdd7b3fbb8f.png

Anyone with Wargaming want to explain?

Really hate to have to uninstall...

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/6/20
Protection Event Time: 10:13 AM
Log File: 7d39fb30-bf8a-11ea-a2db-4cedfb79ac2a.json

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.955
Update Package Version: 1.0.26479
License: Premium

-System Information-
OS: Windows 10 (Build 18362.900)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\ProgramData\Wargaming.net\GameCenter\wgc.exe, Blocked, -1, -1, 0.0.0

-Website Data-
Category: Trojan
Domain: 
IP Address: 62.16.41.210
Port: 62839
Type: Outbound
File: C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

(end)

Share this post


Link to post
Share on other sites
3,497
[RKLES]
Members
12,551 posts
14,267 battles

I can explain it perfectly, Wargaming is a Russian company, and all the game code is written over in Saint Petersburg. So naturally that is going to trigger some odd alerts. Lol my systems were going crazy during an update as it detected IP addresses from  Rio de Janeiro, Brazil and some place in Russia. Which the Rio alert was likely WG South American HQ and the Russian one was likely from their main office.

Share this post


Link to post
Share on other sites
364
[KMS]
Beta Testers
291 posts
16,700 battles

I HAVE NOT  used malwarebytes in some time, but since no one else has answered yet.....

obviously a false positive based on activity, a price you pay for proactive anti virus that works on id behavior rather than just lists.

not used in a few years so hope someone who has responds, but there should be a way to override or tell malwarebytes that game center has you permission to do this and is exempt from firewall restrictions. and unblock the website. perhaps go to Malwarebytes site and forum for how.

also check for firewall permission in windows and any other security programs and settings.

but if you have been playing for awhile and this just started they should be ok

 

till a better solution it may be possible to disable Malwarebytes while playing, but only do that if it is a secondary security program working with another antivirus.

Share this post


Link to post
Share on other sites
2,266
[WOLF5]
Supertester
4,134 posts
4,089 battles

I'm sure the WGC talking to the Russian server trips all kinds of firewall alerts. You're going to have to allow that exception.

Share this post


Link to post
Share on other sites
1
[BOYD]
Members
2 posts
3,615 battles

I'm seeing the alert as well.  Wargaming.net needs to contact Malewarebytes and resolve the issue, unless they really are uploading trojans.... just because a company is located in a certain country it should not trigger an alert.

Share this post


Link to post
Share on other sites
746
[WULUF]
[WULUF]
Members
1,267 posts

Its a false positive.

Also, this is why I no longer use Malwarebytes... this happens far too often with that software. I used and online detector and it came up clean.

There may be two causes for this... the first is that so many sites, GOOD sites, prevent attacks by malware uploaders that they use, basically, a firewall to prevent it. That means the firewall add-on for the forums or whatever has to contain some detection code, hence, numerous false positives. The second is those uploading the makware to try and infect the forums or site get fed up trying to breach the site, they report the site as being malicious... I ran a website with a firewall for years and had just that happen, resulting in browsers like FireFox being told my site was a "known malware" site... if they cannot infect or hack you... they try to destroy you.

WG.NET may be many things... but I trust them enough (right now) to never stoop to those levels... they don't need to... they are making money enough...

Don't forget, a WG.NET has a lot of money pass through its servers and many hackers, for example, would love to obtain a list of credit card numbers... so, be glad they are protecting you and your privacy.

Edited by kiwi1960

Share this post


Link to post
Share on other sites
4,877
[PVE]
[PVE]
Members
9,015 posts
22,578 battles

Wargaming titles gave my Mac fits with the amount of malware and virus warnings. At one point, I had to turn "Snitch" off due to the overload of warning messages. All that prompted me to buy a PC just to install their games on. I use it only for gaming and it has no logon information for anything save those game titles. I can not shop on it, can not check email, can not log onto anything that isn't Wargaming, and has zero personal information stored on it other than what is required by WG. The gaming PC is isolated from the rest of the network so it gives me much peace of mind and I can use my Mac with no worries about being spammed with warning messages......

Share this post


Link to post
Share on other sites
1,123
[CVA16]
Members
5,392 posts
16,221 battles

Just checking the forums set off  alarm bells with IT on my work computer. due to blacklisted Russian sites. So no more of that at lunchtime.

Share this post


Link to post
Share on other sites
Members
3,589 posts
13,004 battles
27 minutes ago, Sabot_100 said:

Just checking the forums set off  alarm bells with IT on my work computer. due to blacklisted Russian sites. So no more of that at lunchtime.

Weird, this site is hosted in like California.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×