"Oh boy, Another Virus topic from Tyler66! Just kill me now."Yea. Anyway NBT Forge is a alpha map editing program for Minecraft.
Now we all know Minecraft. Or atleast some of us do.
This window popped up when I got back from taking a shower. No programs where open besides Blockland.
Notice that the program was trying to download or trying to "get access to malicious software".
I know some of us have experianced the horror of a Rogue Antivirus, thats what a Trojan "FakeAV" is for.
So, NBT Forge may was trying to download a Rogue onto my computer. Did Kaspersky delete the file? No. I did.
I did not want to restart my system anyway. Although Kaspersky overeacted and started clogging my network traffic. I got disconnected and reconnected alot. Anyway, I got enough time to access my router Firewall details before the next disconnect.
Although I could be mistaken that this wasnt NBT Forge but it might be possible this is legit. This attacker was the top attacker on the Firewall list. Notice that the IP is a local adress, in which might be my computer. But may be wrong.
Although this could be a False Positive. So I sent the file to VirusTotal for a wide Antivirus scan.
VirusTotal ReportKaspersky and another Antivirus give a Fake AV report. So it might not be a False Positive.
And if you dont know what a FakeAV Trojan is,
Trojan.FakeAV DetailsMy Traffic seems to be fine now. I may need to preform a Malwarebytes scan.
So, Discuss?
False Positive?
Legit Virus?
Tyler being Tyler? - Yes