What program found it as malware?

Malwarebytes shows good. Windows Defender reports safe as well.

What Anti Virus are you using ?

It's probably a false positive, i have two seperate scanners and that file comes back clean for me.

Ok it's not a false positive, it is a trojan.

See the info here for removal, https://forums.malwarebytes.com/topic/157179-removal-instructions-for-trojanagent-kryptik/

The question now is how did it get there, there's no way it's come from updates from Paradox or Colossal Order.

Edit: How did Trojan.Agent Kryptik get on my computer?

Trojans use many ways to infect your computer. This particular one was spread by using Silverlight and Adobe Flash exploits following this flowchart:

https://blog.malwarebytes.com/threat-analysis/2014/08/shining-some-light-on-the-unknown-exploit-kit/

Always make sure your flash is updated or better still stay away from it and silverlight, they have been vunerable from day one and failing to keep them updated results in infections like this.

The program I used to detect the trojan is GridinSoft Anti-Malware.

CyberVibes eredeti hozzászólása:

Ok it's not a false positive, it is a trojan.

False positive doesn't mean that what your AV system thinks it has found doesn't exist. It means that what your system thinks is a trojan etc. is not actually one, but just a harmless file. Especially the commercial AV systems tend to produce a large number of false positives, either to be on the safe side of things, or to be alarmist and make you pay for the software.

Whatever is the case for you, though, it's a good idea to take the necessary precautions - just in case.

Okay what is this? I have played Cities: Skylines like only a couple of hours ago.

#RIPCSUsers

Meesmoth eredeti hozzászólása:

Okay what is this? I have played Cities: Skylines like only a couple of hours ago.

#RIPCSUsers

Lol it's just some guy who's probably watched some questionable videos on the internet, and a virus has spread into a random folder, just happened to be his CS folder I guess.

Edit: I also have this file LOL, no virus though, seems the trojan is being an imposter.

CyberVibes eredeti hozzászólása:

Ok it's not a false positive, it is a trojan.

See the info here for removal, https://forums.malwarebytes.com/topic/157179-removal-instructions-for-trojanagent-kryptik/

The question now is how did it get there, there's no way it's come from updates from Paradox or Colossal Order.

Edit: How did Trojan.Agent Kryptik get on my computer?

Trojans use many ways to infect your computer. This particular one was spread by using Silverlight and Adobe Flash exploits following this flowchart:

https://blog.malwarebytes.com/threat-analysis/2014/08/shining-some-light-on-the-unknown-exploit-kit/

Always make sure your flash is updated or better still stay away from it and silverlight, they have been vunerable from day one and failing to keep them updated results in infections like this.

What A/V caught it?

If it was Malwarebytes, then it is likely coming from a mod.

If Adobe is updated properly and not a new version of an old virus, the virus is harmless and can't infect you.

But let this be a good lesson on downloading stuff off the workshop. Make sure the author has the source code available. If the Authors are hiding the source code, you risk getting a virus as you won't know what extra code is in the mod and allowing a virus into your system.

Neb eredeti hozzászólása:

What about Shockwave flash ?

Always keep all of your software up to date or you have a higher risk of infection.

I don't know if this is relevant but a few days ago malwarebytes detected a trojan on an asset page, but I didn't click to subscibe and had no probiens since

okay seriously is this a widespread issue? I don't want to uninstall CS from my machine just because some random virus got into the game files for unknown reasons.

Yeah, do I actually have to go through all of this? What does the virus do anyway?

Ran Malwarebytes; nothing detected on my system.

best thread ever

Metacritical eredeti hozzászólása:

best thread ever

Seriously this is not a joke thread, it is a serious problem and there is no confirmation if this is widespread, I DON'T WANT TO UNINSTALL CITIES: SKYLINES FROM MY PC just because of this random virus that entered the game files for unknown reasons.