Jump to content

False-positive? Flight Simulator 2020 - PDM:Exploit.Win32.Generic.nblk


CronoK
Go to solution Solved by Danila T.,

Recommended Posts

Hi,

 

yesterday Flight Simulator 2020 (i got Steam Version) got updated. After starting the game KIS (2020 and 2021, newest database) found PDM:Exploit.Win32.Generic in “flightsimulator.exe”. The activity monitor flagged it as “suspicious behavior” and deleted the exe. Theres also a list of reg-entries (HKLM\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\...) in the monitor. So maybe the way Flight Simulator corresponds with its servers made KIS think its a trojan.

 

I could start/play the game before the update without any issues.

Link to comment
Share on other sites

  • Replies 64
  • Created
  • Last Reply

Top Posters In This Topic

Hello,

Does “flightsimulator.exe” is trusted by KSN. I think this version update caused this problem. As a result of this update, the original file in the trusted zone has been changed, and it is not in the trusted file zone, so behavior detection will list it as a suspicious object and be detected.

If you have provided ”flightsimulator.exe” to KL via support platform, They can fix it asap.

Regards.

Link to comment
Share on other sites

Hello,

Does “flightsimulator.exe” is trusted by KSN. I think this version update caused this problem. As a result of this update, the original file in the trusted zone has been changed, and it is not in the trusted file zone, so behavior detection will list it as a suspicious object and be detected.

If you have provided ”flightsimulator.exe” to KL via support platform, They can fix it asap.

Regards.


I have provided it in scope of my ticket.

Link to comment
Share on other sites

Hello,

Same problem here.

Database updated 20 minutes ago and my FlightSimulator.exe is deleted all the time.

md5sum FlightSimulator.exe
0d36a08088e9453cebf26af7062b9793  FlightSimulator.exe


sha1sum FlightSimulator.exe
228930a26577b2daae510ef0b8592cebb5f32e58  FlightSimulator.exe

 

sha256sum FlightSimulator.exe

0dc6fe184b0d52b173c080bbe41ed6ca4604b232989068e1ba6c9575a356ca80  FlightSimulator.exe
 

 

Best Regards

TaKeN

Link to comment
Share on other sites

Hello Berny,

Yep yep i exclude directory from Kaspersky don`t worry i know this… i just want to report Kaspersky Antivirus with newlatest version of db still delete files… noone from Your company do anything with this.

 

Best Regards

TaKeN

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now



×
×
  • Create New...