Jump to content
You need to play a total of 20 battles to post in this section.
mykil

WOW Trojans, wth?

By mykil, in Game Support and Bug Reporting

15 comments in this topic

Recommended Posts

mykil
33
[-TXT-]

mykil

Alpha Tester
67 posts
23,487 battles
Posted

picture of my ping plotter when I fire up World of Warships, as well, Malwarebytes blocks trojans from this app as well. every time I open it, does anyone else get these? what the fuk is going on with the these guys that they need to hack our systems? yoUntitled-1.thumb.jpg.4b005e7dda2b7181ae9315301c9e0caa.jpgu can see it the moment I open it, there is no download scheduled, so that is not a reason, you can see when I close it, then open it a second time, plane as day, WFT.

  • Confused 1

Share this post

Link to post
Share on other sites
Compassghost
2,833

Compassghost

SuperTest Coordinator, Beta Testers
6,423 posts
11,483 battles
Posted

I can’t see the IPs it’s connecting to, but assuming it’s logging in to your account, it also has to fetch all your account information, like ships in port, equipped modifications, preferences, cosmetics, selected dock, currencies, captains, and daily missions.

I can audit all the IPs but I’m going to need to see more than the first two digits.

Share this post

Link to post
Share on other sites
Rollingonit
1,403

Rollingonit

Members
3,784 posts
13,715 battles
Posted
16 minutes ago, mykil said:

picture of my ping plotter when I fire up World of Warships, as well, Malwarebytes blocks trojans from this app as well. every time I open it, does anyone else get these? what the fuk is going on with the these guys that they need to hack our systems? yoUntitled-1.thumb.jpg.4b005e7dda2b7181ae9315301c9e0caa.jpgu can see it the moment I open it, there is no download scheduled, so that is not a reason, you can see when I close it, then open it a second time, plane as day, WFT.

 

8 minutes ago, Compassghost said:

I can’t see the IPs it’s connecting to, but assuming it’s logging in to your account, it also has to fetch all your account information, like ships in port, equipped modifications, preferences, cosmetics, selected dock, currencies, captains, and daily missions.

I can audit all the IPs but I’m going to need to see more than the first two digits.

giphy.gif

Share this post

Link to post
Share on other sites
mykil
33
[-TXT-]

mykil

Alpha Tester
67 posts
23,487 battles
Posted

This is not when I log into the game, this is when I log into war gaming  game center

Share this post

Link to post
Share on other sites
Compassghost
2,833

Compassghost

SuperTest Coordinator, Beta Testers
6,423 posts
11,483 battles
Posted
6 minutes ago, mykil said:

This is not when I log into the game, this is when I log into war gaming  game center


Have you turned off the auto update? Try turning that and the automatic seeding off and see if those go away.

Share this post

Link to post
Share on other sites
DeathLord1969
123

DeathLord1969

Members
985 posts
4,090 battles
Posted (edited)

Ok, I am confused. Pingplotter works by IP address, so how is that info in the pic from the game center??? You can't ping the WGC. Plus it says you're pinging google.com.

Edited by DeathLord1969

Share this post

Link to post
Share on other sites
Rollingonit
1,403

Rollingonit

Members
3,784 posts
13,715 battles
Posted
40 minutes ago, DeathLord1969 said:

Ok, I am confused. Pingplotter works by IP address, so how is that info in the pic from the game center??? You can't ping the WGC. Plus it says you're pinging google.com.

Yah. Couldnt figure out what OP wanted us or support to do with a picture of a traceroute to google. lol

Share this post

Link to post
Share on other sites
DeathLord1969
123

DeathLord1969

Members
985 posts
4,090 battles
Posted (edited)
14 minutes ago, Rollingonit said:

Yah. Couldnt figure out what OP wanted us or support to do with a picture of a traceroute to google. lol

IKR? Pingplotter doesn't do anything until an IP or url is entered. Opening apps does nothing.
UNLESS, he had google open and being traced and when he opened the WGC, that happened? But it looks like a bad node at #5.

Edited by DeathLord1969

Share this post

Link to post
Share on other sites
mykil
33
[-TXT-]

mykil

Alpha Tester
67 posts
23,487 battles
Posted

there is a new download, I did not see, WOT's, still does not explain why my virus scan picks up a virus every time I open it?

Share this post

Link to post
Share on other sites
evanr1940
153
[PVE]

evanr1940

Members
563 posts
10,581 battles
Posted
1 hour ago, mykil said:

there is a new download, I did not see, WOT's, still does not explain why my virus scan picks up a virus every time I open it?

Virus scanners have both false positives and false negatives.

Share this post

Link to post
Share on other sites
mykil
33
[-TXT-]

mykil

Alpha Tester
67 posts
23,487 battles
Posted

is this a false wg.jpg.e46ada0243f05f40afa91fde6b15615e.jpgwg.jpg.3ad389d8636e3ddabd5fabd8ebc5354f.jpg, each and every time I open gaming center? 

Share this post

Link to post
Share on other sites
mykil
33
[-TXT-]

mykil

Alpha Tester
67 posts
23,487 battles
Posted

another day, another IP address, seriously wth, every time it blocks a different IP address, WHY?

Untitled-1.jpg

Share this post

Link to post
Share on other sites
scoots76
10
[TWWB]

scoots76

Members
102 posts
Posted (edited)

In Game Center look under update options.. You will notice the "No Uploading" toggle.... Chances are once you enable this you should see less of that second one you posted.

 

You also maybe misreading the information given by Malwarebytes. It isn't saying that game center is a virus, it is blocking a connection to an IP address that (per what ever viral definitions created by Malwarebytes) has labeled it a virus (or viral like activity, it looks like a "generic" detection in your case which typically is a false positive). A similar (though not exact) example is like running my own mail server on my residential IP address. It gets blacklisted on spamhaus and etc, so all of a sudden all the email I send gets flagged as spam by everyone. In reality the only reason why it is blacklisted is I am using a dynamic IP address and not a static one, so it's a false positive.
 

It's a high probability that it's a false positive and only Malwarebytes can tell you why that is (as well as issue a correction to the detection databases they use). You could also configure Malwarebytes to allow/ignore Game Center in it's scans so you don't see this anymore. 

 

As an FYI for those interested

  • First IP address of 218.23.109.66 is allocated to China.
  • Second IP address 59.23.24.187 is allocated to Korea.

 

Edited by scoots76

Share this post

Link to post
Share on other sites
Navalpride33
6,233
[WORX]

Navalpride33

Members
11,357 posts
19,064 battles
Posted
On 10/19/2020 at 7:58 PM, mykil said:

is this a false wg.jpg.e46ada0243f05f40afa91fde6b15615e.jpgwg.jpg.3ad389d8636e3ddabd5fabd8ebc5354f.jpg, each and every time I open gaming center? 

That malware company is known to create false positive attacks... In fact, the whole malware/anti virus industry are known for creating files to trigger false positives. 

 

 

Share this post

Link to post
Share on other sites
Go To Topic Listing Game Support and Bug Reporting

  • Recently Browsing   0 members

    No registered users viewing this page.

×