PDM.Suspicious driver installation
I was playin maple a couple of hours ago, now I try it I get a kaspersky message:
'At previous session Unknown application was trying to download driver in a hidden way,
Kaspersky Internet Security will not be able to control applicantion activity after installtion.'
Detected:
PDM.Suspicious driver installation
Process (PID: 4984):
C:NEXONMAPLESTORYMAPLESTORY.EXE'
Then it says allow or terminate
Kinda freakin out here, someone trying to hack me? o.0 cuz im pretty poor, or is it just a false threat, if so, why now?
February 15, 2011
3 Comments • Newest first
@Bobr thanks alot, I ran both scans and nothing popped up, but to be on the safe side im gettin a friends maple files and once thats in I'll change my pass&pin
If it's actually trying to do a driver installation, I'd bet serious money on you having gotten a MS specific virus from visiting a site you should not have. MS doesn't install drivers, but keyloggers/pic ss loggers do often do that.
So, it might be harmless but only you know whether you like to visit non-nexon sites. If you've been browsing hack sites or have downloaded and cheats, well, then that would back up the suspicious nature of MS trying to install a driver...
Interesting... this is the first I've heard of anything like this happening with Kaspersky.
A number of anti-virus programs have trouble with the Maplestory.exe file because of the way it's "packed" in an attempt to keep hackers from reverse-engineering it. The problem is that virus makers often use the same type of "packing" method to try to keep anti-virus programs from seeing what's inside of the viruses so the anti-virus programs automatically suspect anything that's packed that way.
These are "false positives" caused by the anti-virus being overly protective and can generally be ignored or excluded from the anti-virus scans. This is probably why Kaspersky only reports this incident as being "suspicious", not that it's a detected threat.
The odd thing in this case is that it started happening now. Normally problems with anti-virus programs happen right after a new patch, when Nexon changes the packing method again, and usually it's reported by a lot of people all at once.
I would run a full scan of your computer with Kaspersky, and also with "Malwarebytes Anti-Malware" which is specifically optimized to find "spyware" and can work together with Kaspersky to help keep your computer fully protected. (Run them one after the other, not at the same time.)
If both scans come up clean, it's probably just the "false positive" problem I mentioned earlier, and if it happens again it should be safe to add Maplestory.exe to the Kaspersky "exclusions list" which will tell it not to report this again.