MagicianTrent Posted April 17 Share Posted April 17 (edited) First it happened on one of our laptops running AVG virus protection saying there was virus in the trose.exe file. Now it just happened on my gaming pc where Windows security says there is a virus in the trose.exe file. My question is what is all of a sudden in the trose.exe file to make them quarantine the trose.exe file? additional info i found: Typical behavior for Trojans like Trojan:Win32/Acll is one or more of the following: Download and install other malware. Use your computer for click fraud. Record your keystrokes and the sites you visit. Send information about your PC, including usernames and browsing history, to a remote malicious hacker. Give remote access to your PC. Advertising banners are injected with the web pages that you are visiting. Use your computer to mine cryptocurrencies. Edited April 17 by MagicianTrent Link to comment Share on other sites More sharing options...
HoneyBuns Posted April 17 Share Posted April 17 23 hours ago, MagicianTrent said: First it happened on one of our laptops running AVG virus protection saying there was virus in the trose.exe file. Now it just happened on my gaming pc where Windows security says there is a virus in the trose.exe file. My question is what is all of a sudden in the trose.exe file to make them quarantine the trose.exe file? additional info i found: Typical behavior for Trojans like Trojan:Win32/Acll is one or more of the following: Download and install other malware. Use your computer for click fraud. Record your keystrokes and the sites you visit. Send information about your PC, including usernames and browsing history, to a remote malicious hacker. Give remote access to your PC. Advertising banners are injected with the web pages that you are visiting. Use your computer to mine cryptocurrencies. We added a security measure with the latest patch that is causing these false positives. Here is how Lazy explained it on Discord Quote Themida is an industry standard tool to protect executables. It does some fancy technical things like "pack" the executable and protects some areas to prevent cheaters from modifying the game for cheats. The tool by itself is entirely safe (not safe for sanity of cheaters). Unfortunately some anti-virus incorrectly detect it as a virus since some people who make viruses also use themida. If you are having issues with your anti-virus please add an exclusion for trose.exe, the steps for this will depend on your anti-virus software. (edited) Jump To further explain and clarify Quote We incorporated themida into our client update on April 1st. We even included it in our patch notes so there is no ill-intent here. Unfortunately it currently does trigger false-positives with a few (not all) anti-viruses. This is something we are actively working on. Themida has a plethora of features that can be optionally enabled / disabled. We specifically chose this technology as compared to other more invasive technologies which install themselves as essentially a root kit on your machine (e.g. easy anti-cheat, battleye, denuvo, etc.). Our position is not in-favor of these kind of technologies and we operated the game for 16 months without any such solutions. Unfortunately, some players have forced our hand due to an increased amount of cheating in the game. This is one of our solutions to mitigate that problem and we continue to work on more. You can safely continue to play ROSE after adding trose to the exception list Link to comment Share on other sites More sharing options...
Cargan Posted April 18 Share Posted April 18 29 minutes ago, HoneyBuns said: We added a security measure with the latest patch that is causing these false positives. Here is how Lazy explained it on Discord To further explain and clarify You can safely continue to play ROSE after adding trose to the exception list what gets me is why did it just now start picking up as had no problem till today and have played most days this month Link to comment Share on other sites More sharing options...
MagicianTrent Posted April 18 Author Share Posted April 18 (edited) Same here, had no issues until the day I posted. So makes me wonder what is happening behind the scenes to make it trigger as a virus. And neither of my systems reported Themida as the cause, it reported Trojan:Acll as the issue. Edited April 18 by MagicianTrent 1 Link to comment Share on other sites More sharing options...
Bonehead1 Posted April 18 Share Posted April 18 You can upload the .exe to VirusTotal if you want more information. https://www.virustotal.com/gui/file/2e04bebbf9b3e58f041a1988655bd2054a762da4cac66472c82e504958e8b625/behavior Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now