Kaspersky Plus is accusing Elder scrolls Online to be a trojan.

[Raika]

I'm not sure but this software has completely messed up my game.. the game that I've been playing for a long time, and it hasn't affected my computer at all. when I tried logging into the game from the launcher I received a warning message from Kaspersky Plus about a trojan... There was NO way for me to ignore the message.. it forced me to deal with the problem... since then I've been struggling to start up my game.

 

Here is the text

 

Event: A backup copy of the object was created
Application: ESO
User: DESKTOP-73L625R\Raijin
User type: Initiator
Component: System Watcher
Result description: Backup copy created
Type: Trojan
Name: PDM:Trojan.Win32.Bazon.a
Threat level: High
Object type: Process
Object path: C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\The Elder Scrolls Online\game\client
Object name: eso64.exe
MD5: D0928B79E160A5BC8ECABFFD965765DD

I'm having trouble finding the "backup copy" in my client folder... apparently, Kaspersky Plus deleted the "eso64.exe" file which caused my game to no longer work for me.

 

This is a false report that caused me to be unable to play my game.

[Raika]

I've repaired my game and again... the same message reappears... does NOT let me ignore the message.

[MID]

Good day!

I am having the same issue. Please take notice of this, and fix this right away! I do not want to disable Kaspersky, but I also want to play this game that I have been playing for a long time now without any issue, so address this problem right away, please!

[Flood and Flood's wife]

1 hour ago, Raika said:

I'm not sure but this software has completely messed up my game.. the game that I've been playing for a long time, and it hasn't affected my computer at all. when I tried logging into the game from the launcher I received a warning message from Kaspersky Plus about a trojan... There was NO way for me to ignore the message.. it forced me to deal with the problem... since then I've been struggling to start up my game.

Name: PDM:Trojan.Win32.Bazon.a

MD5: D0928B79E160A5BC8ECABFFD965765DD

 

Hello @Raika,

Welcome back!

Correct, PDM alerts do not have an *Ignore* option, PDM issues need to be analysed by Kaspersky Virus Lab experts.

https://www.virustotal.com/gui/file/2ac1d0771aa82c74e06fea95064a95006f091eea943f9db4457181940ea9b849

1.  Please do the following: log a request with Kaspersky Customer Service, https://support.kaspersky.com/b2c#contacts  - on the support page, select either Chat or Email, then fill in template as shown in the image below - please include any screen images of the error & a *detailed history*. Support may request logs, READ: Files to send to Kaspersky technical support in case of PDM malware detection, traces & other data; they will guide you                                                                                                                                                    

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

25 minutes ago, MID said:

I am having the same issue. 

Hello @MID, 

Welcome!

Log a request with Kaspersky Customer Service, https://support.kaspersky.com/b2c#contacts  - on the support page, select either Chat or Email, then fill in template as shown in the image below - please include any screen images of the error & a *detailed history*. Support may request logs, READ: Files to send to Kaspersky technical support in case of PDM malware detection, traces & other data; they will guide you: 

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

Edited June 4 by Flood and Flood's wife
formatting

[Raika]

2 часа назад, Флад и жена Флада сказал:

Привет@Райка,

Добро пожаловать!

Правильно, в оповещениях PDM нет опции *Игнорировать*,  проблемы с PDM  должны быть проанализированы экспертами  Вирусной лаборатории Касперского . 

https://www.virustotal.com/gui/file/2ac1d0771aa82c74e06fea95064a95006f091eea943f9db4457181940ea9b849

1.  Пожалуйста, сделайте следующее:  отправьте запрос в  Службу поддержки Касперского ,  https://support.kaspersky.com/b2c#contacts   – на странице поддержки выберите «Чат» или «Электронная почта», затем заполните шаблон, как показано на изображении ниже – пожалуйста. включите любые изображения экрана с ошибкой и * подробную историю *. Служба поддержки может запросить журналы. ЧИТАЙТЕ:  файлы для отправки в службу технической поддержки «Лаборатории Касперского» в случае обнаружения вредоносного ПО PDM , следов и других данных; они будут вести вас                                                                                                                                                    

Пожалуйста, поделитесь результатом с сообществом, когда он будет доступен? 

Спасибо🙏
Наводнение🐳+🐋

Привет@MID, 

Добро пожаловать!

Зарегистрируйте запрос в  Службе поддержки Касперского ,  https://support.kaspersky.com/b2c#contacts   . На странице поддержки выберите «Чат» или «Электронная почта», затем заполните шаблон, как показано на рисунке ниже. Приложите все изображения экрана ошибка & * подробная история *. Служба поддержки может запросить журналы. ЧИТАЙТЕ:  файлы для отправки в службу технической поддержки «Лаборатории Касперского» в случае обнаружения вредоносного ПО PDM , следов и других данных; они проведут вас: 

Пожалуйста, поделитесь результатом с сообществом, когда он будет доступен? 

Спасибо🙏
Наводнение🐳+🐋

 

Я очень жду ответа, однако считаю, что экспертам Вирусной лаборатории Касперского (надеюсь, они читают форумы) следует немедленно связаться с Zenimax Online и узнать, что происходит, поскольку на данный момент пользователи Касперского не могут играть в Elder Scrolls онлайн. без полного закрытия программы. Kaspersky Plus продолжает удалять файл eso64.exe, необходимый для запуска игры.

 

Я также создал тему об этой проблеме на официальном форуме ESO.

https://forums.elderscrollsonline.com/en/discussion/659686/after-the-patch-my-kaspersky-plus-is-accusing-eso64-exe-of-being-a-trojan-anyone-else-having- этот

[Flood and Flood's wife]

3 hours ago, Raika said:

Я очень жду ответа, однако считаю, что экспертам Вирусной лаборатории Касперского (надеюсь, они читают форумы) следует немедленно связаться с Zenimax Online и узнать, что происходит, поскольку на данный момент пользователи Касперского не могут играть в Elder Scrolls онлайн. без полного закрытия программы.

Hello @Raika, 

Thank you for posting back!

We're not sure why you've decided to reply in Russian, in an English Forum & *after* your initial posts were in English. 

We understand Kaspersky continues to delete the exe, we did read what you wrote in your first posts; that does not stop you logging the issue with Kaspersky Customer Service, https://support.kaspersky.com/b2c#contacts - if they need the PDM files they will assist you to generate them. You can include the Kaspersky Report, when you log the incident. 

The sooner the issue is logged the sooner it will be analysed by Kaspersky's Virus Lab experts.

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

Edited June 4 by Flood and Flood's wife
grammar

[Raika]

3 hours ago, Flood and Flood's wife said:

Hello @Raika, 

Thank you for posting back!

We're not sure why you've decided to reply in Russian, in an English Forum & *after* your initial posts were in English. 

We understand Kaspersky continues to delete the exe, we did read what you wrote in your first posts; that does not stop you logging the issue with Kaspersky Customer Service, https://support.kaspersky.com/b2c#contacts - if they need the PDM files they will assist you to generate them. You can include the Kaspersky Report, when you log the incident. 

The sooner the issue is logged the sooner it will be analysed by Kaspersky's Virus Lab experts.

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

Hi I do not speak in Russia. I don't know why it turned out like that. That is not what I wrote. I had to edit my post because I forgot to add in something... by the time my post was approved (I don't know why my edit posts needs to be approved by the mods??? seems strange!)... it was in Russia for some strange reason.

 

Anyhow I simply said that kaspersky and Zenimax needs to talk and get something done... As of right now I can't play Elder scrolls online while I have my kaspersky Plus on, and it doesn't feel too good when I have it off.

[Flood and Flood's wife]

1 hour ago, Raika said:

I had to edit my post because I forgot to add in something... by the time my post was approved (I don't know why my edit posts needs to be approved by the mods??? seems strange!)... it was in Russia for some strange reason.

As of right now I can't play Elder scrolls online while I have my Kaspersky Plus on, and it doesn't feel too good when I have it off.

Anyhow I simply said that Kaspersky and Zenimax needs to talk and get something done...

Hello @Raika, 

Thank you for posting back!

Thank you for explaining the Russian language reply - sometimes posts need to be approved by the Mods, they make those decisions, it's clearly not a big issue as the post was approved, so nothing to be concerned about (ioo); as for the text turning into Russian, we don't know. 

We understand (you) cannot play the game(s) & turning Kaspersky Plus off so you can play "doesn't feel too good". 

We also understand you'd like Kaspersky's Virus Lab experts & the game developers to talk - IF (you) wish for the issue to be investigated by Kaspersky's Virus Lab experts please follow the advice provided in our previous posts. The sooner the issue is logged the sooner it will be analysed by Kaspersky's Virus Lab experts. 

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

[Raika]

9 hours ago, Flood and Flood's wife said:

Hello @Raika, 

Thank you for posting back!

Thank you for explaining the Russian language reply - sometimes posts need to be approved by the Mods, they make those decisions, it's clearly not a big issue as the post was approved, so nothing to be concerned about (ioo); as for the text turning into Russian, we don't know. 

We understand (you) cannot play the game(s) & turning Kaspersky Plus off so you can play "doesn't feel too good". 

We also understand you'd like Kaspersky's Virus Lab experts & the game developers to talk - IF (you) wish for the issue to be investigated by Kaspersky's Virus Lab experts please follow the advice provided in our previous posts. The sooner the issue is logged the sooner it will be analysed by Kaspersky's Virus Lab experts. 

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

I filed a report 10 hours ago via E/mail and so far I've not recieved a response from a human about the false positive report.

I did manage to figure out how to add the eso64.exe to the the exclusions list.. so I can start playing my game again, but I do hope that something gets done.

[MID]

21 hours ago, Flood and Flood's wife said:

Hello @Raika,

Welcome back!

Correct, PDM alerts do not have an *Ignore* option, PDM issues need to be analysed by Kaspersky Virus Lab experts.

https://www.virustotal.com/gui/file/2ac1d0771aa82c74e06fea95064a95006f091eea943f9db4457181940ea9b849

1.  Please do the following: log a request with Kaspersky Customer Service, https://support.kaspersky.com/b2c#contacts  - on the support page, select either Chat or Email, then fill in template as shown in the image below - please include any screen images of the error & a *detailed history*. Support may request logs, READ: Files to send to Kaspersky technical support in case of PDM malware detection, traces & other data; they will guide you                                                                                                                                                    

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

Hello @MID, 

Welcome!

Log a request with Kaspersky Customer Service, https://support.kaspersky.com/b2c#contacts  - on the support page, select either Chat or Email, then fill in template as shown in the image below - please include any screen images of the error & a *detailed history*. Support may request logs, READ: Files to send to Kaspersky technical support in case of PDM malware detection, traces & other data; they will guide you: 

Please share the outcome with the Community, when it's available? 

Thank you🙏
Flood🐳+🐋

Good day!

I have done what you said already. I have even sent the "eso64.exe" via KL box, as they recommended me. I hope they get this fixed soon. I can play the game by adding it in the Exclusion and Trusted list, but it just doesn't sit right by me.

[MID]

I just got a reply from Kaspersky Support. Will they let us know if the game application has been removed from their virus watchlist so we can start to remove it from the Trusted and Exclusion list of Kaspersky?

[Flood and Flood's wife]

43 minutes ago, MID said:

I just got a reply from Kaspersky Support.

1. Will they let us know if the game application has been removed from their virus watchlist so we can start to remove it from the Trusted and Exclusion list of Kaspersky?

 

Hello @MID, 

Thank you for posting back!

No. Not unless you ask. 

Generally, when they send that type of advisory they write something like: "The detection will disappear within 12 hours. Please observe it on your end. If the issue still persists after 12 hours please let us know?"

Thank you🙏
Flood🐳+🐋

Edited June 8 by Flood and Flood's wife
Generally, when they send that type of advisory they write something like: "The detection will disappear within 12 hours. Please observe it on your end. If the issue still persists after 12 hours please let us know?"