trojan Trojan:Win32/Pocyx.F!plock

[eruditas]

Hello, guys and gals,

After update today, Windows 10 default antivirus/antimalware/w\e application "Windows defender" reported that your updater is infected with trojan. Image attached.

Even if we do not believe you're trying to put harmful software on our computers (which i have doubts about), your client should not be treated as trojan by default security software, am I right? Putting reported trojan into "allowed items" section is not a solution also.

This has happened on windows 10, which, I assume, majority of your players are using.

[Koll]

Hello. We know about it. This is because Updater have self update option. We are now working on another updater. It mustn't have this problem.

[chevignon]

Eru btw windows 10 himself is the biggest trojaner u could get...

Windows 10 is like cancer and no one should use it.

[eruditas]

Hello. We know about it. This is because Updater have self update option. We are now working on another updater. It mustn't have this problem.

​Lots of software have self-update function (example - league of legends). Don't bullsh*t the bullsh*tter (its just an expression, not an insult). Just make it work, so people who are less tech-savvy will not have any problems with this

Eru btw windows 10 himself is the biggest trojaner u could get...

Windows 10 is like cancer and no one should use it.

​I'm using gentoo as my main OS. Windows is just for gaming. And it's only an operating system, you could modify win to act as any other windows version (remove their stupid one drive, disable telemetry, etc.

For example, to remove one drive make a .bat file:

 

@echo off
cls

set x86="%SYSTEMROOT%\System32\OneDriveSetup.exe"
set x64="%SYSTEMROOT%\SysWOW64\OneDriveSetup.exe"

echo Closing OneDrive process.
echo.
taskkill /f /im OneDrive.exe > NUL 2>&1
ping 127.0.0.1 -n 5 > NUL 2>&1

echo Uninstalling OneDrive.
echo.
if exist %x64% (
%x64% /uninstall
) else (
%x86% /uninstall
)
ping 127.0.0.1 -n 5 > NUL 2>&1

echo Removing OneDrive leftovers.
echo.
rd "%USERPROFILE%\OneDrive" /Q /S > NUL 2>&1
rd "C:\OneDriveTemp" /Q /S > NUL 2>&1
rd "%LOCALAPPDATA%\Microsoft\OneDrive" /Q /S > NUL 2>&1
rd "%PROGRAMDATA%\Microsoft OneDrive" /Q /S > NUL 2>&1 

echo Removing OneDrive from the Explorer Side Panel.
echo.
REG DELETE "HKEY_CLASSES_ROOT\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f > NUL 2>&1
REG DELETE "HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f > NUL 2>&1

pause

Sorry for offtopic.

[Koll]

You can make updater with more then 1 programming language. Microsoft Defender think that auto update code on this language is trojan.

[eruditas]

You can make updater with more then 1 programming language. Microsoft Defender think that auto update code on this language is trojan.

​It's packed with UPX and written in Delphi
Code cannot be treated as a trojan, compiled program can. It doesn't matter which programming language you use (c, c#, c++) as long as your binary code does not violate anything.

[Koll]

And what our code is violate. And why only windows defender see it like virus?

[eruditas]

And what our code is violate. And why only windows defender see it like virus?

​Give me source code, i will tell for certain price. Are you sure only windows defender? If you are not certain about some facts, do not tell them.

Jiangmin	TrojanDownloader.Genome.aczl	20151211
Malwarebytes	Spyware.OnlineGames	20151212
McAfee-GW-Edition	BehavesLike.Win32.SMSFraud.tc	20151212
Qihoo-360	HEUR/QVM05.1.Malware.Gen	20151212
SUPERAntiSpyware	Trojan.Agent/Gen-OnlineGames	20151212
nProtect	Trojan/W32.Agent.1821696.H	20151211

[Koll]

And what our code is violate. And why only windows defender see it like virus?

​Give me source code, i will tell for certain price. Are you sure only windows defender? If you are not certain about some facts, do not tell them.

Jiangmin	TrojanDownloader.Genome.aczl	20151211
Malwarebytes	Spyware.OnlineGames	20151212
McAfee-GW-Edition	BehavesLike.Win32.SMSFraud.tc	20151212
Qihoo-360	HEUR/QVM05.1.Malware.Gen	20151212
SUPERAntiSpyware	Trojan.Agent/Gen-OnlineGames	20151212
nProtect	Trojan/W32.Agent.1821696.H	20151211

​We don't need this info especially for money. As I tell you we are working on another updater that will not have this problem.

[Spakainas]

Here some stuff from symantec enterprise level av. I can't use your updater. I never had a chance to report this, but looks like it's good topic for that.

[1234]

And what our code is violate. And why only windows defender see it like virus?

​

 

this program want two much access witch don't need to... probably WD defend  the default's ... this shi** try to insert

with Comodo defens+ see every file communication //RECOMEND//

[Matek]

This is known problem with lineage since day 1. Most anty virus soft recognize l2 updaters, game guards as trojans simply because they act in a very similar way. If you downloaded your client from website link you shouldn't have any problems. Instead of trying to prove a point, just sandbox l2 if it's such a big problem for you and enjoy the game, otherwise I'm asking all other people to stop feeding the troll. TY

[lootpk]

Hello. We know about it. This is because Updater have self update option. We are now working on another updater. It mustn't have this problem.

​Do you have any further information about when the next updater will be implemented?

I agree, along with many users, that this server must not have this problem with the updater being detected as "Trojan:Win32/Pocyx.F!plock"

[EvanStathem]

Trojan:Win32/Pocyx.F!plock is such a nasty Trojan virus. it can do major harm to your computer. it is brutal threat that can delete important system and block useful system programs. it can also steal your personal information and send to hacker. Remove this threat immediately from your computer. 

http://www.uninstallbrowserinfection.com/how-can-i-get-rid-of-trojanwin32pocyx-fplock-trojanwin32pocyx-fplock-removal-help