Loading...
  OR  Zero-K Name:    Password:   

Forum index  > General discussion   >

zero k virus

31 posts, 3476 views
Post comment
Filter:    Player:  
Page of 2 (31 records)
sort
GBrankczesio
4 years ago
Trojan:MSIL/Masslogger.VN!MTB
in portable distro
C:\Users\lobster\Downloads\zero-k-portable\Zero-K.exe
hmmm
+3 / -1

ZArankAstran
4 years ago
My AV doesn't like ZK either. I think because it can self-update.
+0 / -0
DErankshrimpy
4 years ago
i would totally trust Aquanim not to do any bollocks like this after deleting questions about donations or bans by mood
+0 / -3
DErankshrimpy
4 years ago
anir disagrees aquanim would not do such bollocks... now this is worrying
+0 / -2
DErankshrimpy
4 years ago
curious that steam is ok with virus spreading
+0 / -1
USrankTheMangoKiller
4 years ago
Received the same alert from Windows Defender. Steam and/or Zero-K need to so something.
+4 / -0
DErankshrimpy
4 years ago
id support to ask steam why and since when they support virus spreading and weird donation feedback policies of just ignoring, removing and punishing people for questions about their previous donations
sounds dodgy
+1 / -0
DErankshrimpy
4 years ago
(edited 4 years ago)
i also noticed some breaks against GDPR tho, as personal data, which was (requested to be) deleted, suddenly is back up after half a year
+2 / -0

DErankPyrostasis
4 years ago
Same here. Windows keeps deleting zero-k.exe
+3 / -0
Firepluk
4 years ago
(edited 4 years ago)
I always knew they mine crypto shitcoins using chobby :P

P.S. seriously guys, just buy a fucking certificate for signing exe files
it's not -that- expensive and it verifies publishers identity(all decent anti viruses will fuck off)
+3 / -0
BRrankManored
4 years ago
I had the same problem of having Windows Defender identify something about Zero-K as a virus when I tried downloading the newest update. I had to tell Windows Defender to let it go.

I don't recall this happening before so I imagine its something in the new update.
+0 / -0
USranksomekid
4 years ago
does Googlefrog know when we poop now?
+3 / -0
AUrankStuff
4 years ago
quote:
does Googlefrog know when we poop now?

I mean, it's not that hard to take it one step furthur and be watching a dozen or so people poop through their webcams at once. perhaps also at 4k resolution and with high-definition audio.
+1 / -0
Firepluk
4 years ago
(edited 4 years ago)
quote:
I mean, it's not that hard to take it one step furthur and be watching a dozen or so people poop through their webcams at once. perhaps also at 4k resolution and with high-definition audio.

Everyone who poops right in front of their PCs are in grave danger ^_^
+4 / -0

TWrankKitty116065
4 years ago
who does that anyways
+1 / -0


CZrankAdminLicho
4 years ago
Please use the defender/your antivurs system to report that this is a false positive.
The only way to prevent it from labeling it.
+0 / -0


USrank[GBC]1v0ry_k1ng
4 years ago
Zero-K virus

symptoms: a maps folder that gradually swells to 200gb size

cure: goodbye post in forum, typically followed by long regression period.

other notes: linked to heightened enthusiasm for cooked seafood
+3 / -0
Firepluk
4 years ago
(edited 4 years ago)
https://comodosslstore.com/codesigning.aspx
70$/year for 3 year certificate, pretty sure we can find 70$/year as a community, can we?

"reasonable" overview of prices in the area:
https://cheapsslsecurity.com/sslproducts/codesigningcertificate.html

we should buy and sign both chobby.exe and spring.exe and executable of installer we provide outside of steam, this should be done as a part of release process
+0 / -0
Firepluk
4 years ago
(edited 4 years ago)
quote:
Please use the defender/your antivurs system to report that this is a false positive.
The only way to prevent it from labeling it.


Read about code signing, all those AV alarms are -heuristical- analysis because executable comes from an -untrusted- source(interwebs) and -unknown- publisher. When publisher is known thru a chain of trusted CA all heuristical analysis usually shuts down and only classical signature search stays which has nothing on chobby/spring

They also state there is extended validation available for 800$/3 years(200$/year) to bypass windows SmartScreen... not sure if it worths it, even basic signing should alleviate most of those problems

Basically when executable is signed it allows to
- verify publisher's identity(which gets recorded by CA that gives u the certificate)
- ensure that executable has not been modified since the time it's been signed by publisher

Those 2 are enough to ensure it's not a malware, and if it is means certificate been stolen/publisher went rogue => certificate can be blocked/revoked.
Reduces malware spread by 99.99%
+1 / -0
USrankTheMangoKiller
4 years ago
There's no way I'm letting this go as an exception. Given multiple virus programs have flagged it, compromised code is much more likely than a new feature tripped all the scanners at once.

The developers need to step up and either remove the "feature" causing the issue, or get right with signing the exe.
+2 / -0
Page of 2 (31 records)