Jump to content

Virus within trose.exe


Recommended Posts

First it happened on one of our laptops running AVG virus protection saying there was virus in the trose.exe file. Now it just happened on my gaming pc where Windows security says there is a virus in the trose.exe file.

My question is what is all of a sudden in the trose.exe file to make them quarantine the trose.exe file?

 

additional info i found:

Typical behavior for Trojans like Trojan:Win32/Acll is one or more of the following:

Download and install other malware.

Use your computer for click fraud.

Record your keystrokes and the sites you visit.

Send information about your PC, including usernames and browsing history, to a remote malicious hacker.

Give remote access to your PC.

Advertising banners are injected with the web pages that you are visiting.

Use your computer to mine cryptocurrencies.

 

 

Screenshot 2024-04-16 192844.png

Edited by MagicianTrent
Link to comment
Share on other sites

23 hours ago, MagicianTrent said:

First it happened on one of our laptops running AVG virus protection saying there was virus in the trose.exe file. Now it just happened on my gaming pc where Windows security says there is a virus in the trose.exe file.

My question is what is all of a sudden in the trose.exe file to make them quarantine the trose.exe file?

 

additional info i found:

Typical behavior for Trojans like Trojan:Win32/Acll is one or more of the following:

Download and install other malware.

Use your computer for click fraud.

Record your keystrokes and the sites you visit.

Send information about your PC, including usernames and browsing history, to a remote malicious hacker.

Give remote access to your PC.

Advertising banners are injected with the web pages that you are visiting.

Use your computer to mine cryptocurrencies.

 

 

Screenshot 2024-04-16 192844.png

We added a security measure with the latest patch that is causing these false positives.  Here is how Lazy explained it on Discord
 

Quote

Themida is an industry standard tool to protect executables. It does some fancy technical things like "pack" the executable and protects some areas to prevent cheaters from modifying the game for cheats. The tool by itself is entirely safe (not safe for sanity of cheaters). Unfortunately some anti-virus incorrectly detect it as a virus since some people who make viruses also use themida. If you are having issues with your anti-virus please add an exclusion for trose.exe, the steps for this will depend on your anti-virus software. (edited)
Jump

To further explain and clarify
 

Quote

We incorporated themida into our client update on April 1st. We even included it in our patch notes so there is no ill-intent here. Unfortunately it currently does trigger false-positives with a few (not all) anti-viruses. This is something we are actively working on. Themida has a plethora of features that can be optionally enabled / disabled. We specifically chose this technology as compared to other more invasive technologies which install themselves as essentially a root kit on your machine (e.g. easy anti-cheat, battleye, denuvo, etc.). Our position is not in-favor of these kind of technologies and we operated the game for 16 months without any such solutions. Unfortunately, some players have forced our hand due to an increased amount of cheating in the game. This is one of our solutions to mitigate that problem and we continue to work on more.

You can safely continue to play ROSE after adding trose to the exception list

Link to comment
Share on other sites

29 minutes ago, HoneyBuns said:

We added a security measure with the latest patch that is causing these false positives.  Here is how Lazy explained it on Discord
 

To further explain and clarify
 

You can safely continue to play ROSE after adding trose to the exception list

what gets me is why did it just now start picking up as had no problem till today and have played most days this month

Link to comment
Share on other sites

Posted (edited)

Same here, had no issues until the day I posted. So makes me wonder what is happening behind the scenes to make it trigger as a virus.

 

And neither of my systems reported Themida as the cause, it reported Trojan:Acll as the issue.

Edited by MagicianTrent
  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...