pad152 Posted March 18, 2010 Share Posted March 18, 2010 Malwarebytes Anti-Malware is reporting Trojan.VKHost Database version: 3873 Windows 5.1.2600 Service Pack 3 Files Infected: F:\Program Files\Battlefront\Strategic Command WWII Global Conflict Demo\Misc\regsvr32_dx7vbdll.exe (Trojan.VkHost) -> No action taken. Link to comment Share on other sites More sharing options...
Hubert Cater Posted March 18, 2010 Share Posted March 18, 2010 Hi Pad152, I've scanned this file on my end with AVG and even Max Secure Spyware Detector and I'm not getting this type of hit. I'm tempted to chalk this one up to a 'false' positive by your Anti-Malware program as this is the first report of this kind after thousands of downloads for the Demo. Some background info on the file, it is just a simple EXE to register the required DLL and is then removed from your system once the Demo is fully installed so I'm a little surprised by the report considering the context as well. Anyone else? Hubert Link to comment Share on other sites More sharing options...
Emperor Elliott Posted March 18, 2010 Share Posted March 18, 2010 Ya i used to have that problem for i while Link to comment Share on other sites More sharing options...
pad152 Posted March 18, 2010 Author Share Posted March 18, 2010 Odd, I have other software from Battlefront and just purchased the Brit & Marine add-on for Shock Force a few weeks ago, yet MalwareBytes only seems to flag this one with a issue. My Anti-virus software MS-security Essentials didn't flag it either. I've seen MalwareBytes find things (real stuff) other security software doesn't. This is the first time I've seen a false/positive with it, maybe someone from Battlefront should contact them to see if there is an issue and/or see this doesn't get flagged in the future, most likely it's just the license system. Link to comment Share on other sites More sharing options...
Hubert Cater Posted March 18, 2010 Share Posted March 18, 2010 The file in question is specific to this release only but I will look into it a bit further. I'm scanning with MalwareBytes free edition to see what I can find on my end. Link to comment Share on other sites More sharing options...
Hubert Cater Posted March 18, 2010 Share Posted March 18, 2010 Just an update that the file did show up as you mentioned in the MalwareBytes scan and I've contacted them to see if they can remove it from their database. Note, I misspoke when I mentioned that the file is removed upon installation, it is not but you can feel free to remove it as it is no longer needed once the game is installed. Link to comment Share on other sites More sharing options...
Hubert Cater Posted March 19, 2010 Share Posted March 19, 2010 Just a quick update that I heard back from MalwareBytes and after running a few tests on my end and submitting log files they have reported the trojan report will be fixed. Link to comment Share on other sites More sharing options...
heatrr Posted May 4, 2010 Share Posted May 4, 2010 Just an update....being the last to post here was made by Hubert on 3/19 and it is now 4/3... Just ran my Malwarebytes and guess what? http://i44.tinypic.com/2hdpuf5.jpg http://i43.tinypic.com/7108kz.jpg Btw, 1) I bought the game; not the demo. 2) I deleted it [the trojan] and SC:GC still works fine. Link to comment Share on other sites More sharing options...
Moon Posted May 4, 2010 Share Posted May 4, 2010 heatrr, it's not a trojan. It's a false positive. Link to comment Share on other sites More sharing options...
Hubert Cater Posted May 4, 2010 Share Posted May 4, 2010 I'm surprised since after I contacted them and re-ran my malware bytes scan it no longer showed up. Are you running the most up to date version of Malware bytes with the most up to date definition files? Link to comment Share on other sites More sharing options...
heatrr Posted May 4, 2010 Share Posted May 4, 2010 Yes, Hubert, I am running the most updated version. It is a no biggie to me anyhow. Just posted what I did for an fyi. Link to comment Share on other sites More sharing options...
lordxorn Posted August 7, 2010 Share Posted August 7, 2010 I know this is a bit of a necro'd post, but it is still relevant because I am getting false positive with the latest version. I started a thread on Malwarebytes forums. http://forums.malwarebytes.org/index.php?showtopic=59248&st=0&gopid=297006entry297006 Link to comment Share on other sites More sharing options...
Hubert Cater Posted August 9, 2010 Share Posted August 9, 2010 Thanks for the report lorxorn, I'm surprised to hear that it popped back up in their definitions and hopefully they'll fix that again. The good news is that in the future the code has changed on our end so that it should no longer pop up as a potential threat under Malwarebytes, i.e. we identified the code it didn't like and made the necessary adjustments. Link to comment Share on other sites More sharing options...
Recommended Posts