Jump to content

So got a nasty surprise today in my SCANSAT mod that I downloaded from CKAN


reschke

Recommended Posts

Scansat was found to contain a trojan....its contained but it was effecting my KSP installation and really isn't a good thing. Glad all my virus/malware software picked it up as I was attempting to run KSP for the first time in a few weeks and had just downloaded the SCANSAT mod.

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/Azden.B!cl

Link to comment
Share on other sites

3 hours ago, Tw1 said:

 

And there's your problem right there. I thought SpaceDock was dead?

You might be confusing it with * which I dead. Spacedock is still running.

That said; Norton often detects files as “suspicious” without much warning or reason and quarantines them. Despite some files coming from popular and frequently used mod listings.

Link to comment
Share on other sites

Also scanned (both github and spacedock hosted versions) with ESET NOD32 and no threats found. 

4 hours ago, ZooNamedGames said:

That said; Norton often detects files as “suspicious”

Indeed. Not wanting to get into a which-AV-is-better argument, but there's a reason I don't use Norton anymore. 

Link to comment
Share on other sites

28 minutes ago, katateochi said:

Also scanned (both github and spacedock hosted versions) with ESET NOD32 and no threats found. 

Indeed. Not wanting to get into a which-AV-is-better argument, but there's a reason I don't use Norton anymore. 

Last time I touched Norton, it was to remove it.  My mom's subscription ran out, and conveniently, at that very moment, she caught a virus that disabled her browser and redirected all page requests to... a page to renew her Norton subscription.  Funny how uninstalling Norton also removed that particular virus.

Link to comment
Share on other sites

2 hours ago, Geonovast said:

Last time I touched Norton, it was to remove it.  My mom's subscription ran out, and conveniently, at that very moment, she caught a virus that disabled her browser and redirected all page requests to... a page to renew her Norton subscription.  Funny how uninstalling Norton also removed that particular virus.

I don't know how Norton and McAfee antivirus suites are today, but back in the day, they were using way too much RAM for my taste. In the case of Norton, it would root itself so deep into the registry that I could've sworn the thing was a virus itself. After discovering ESET, I never looked at either of these two, ever again.

Link to comment
Share on other sites

2 hours ago, Geonovast said:

Last time I touched Norton, it was to remove it.  My mom's subscription ran out, and conveniently, at that very moment, she caught a virus that disabled her browser and redirected all page requests to... a page to renew her Norton subscription.  Funny how uninstalling Norton also removed that particular virus.

I'm pretty sure Norton's only reason for existence is to convince you to pay for its further existence.

Link to comment
Share on other sites

Well it came through when I was using CKAN...don't know where it pulled from and don't care since CKAN porked my installation of KSP 3x in 3 days so I am back to the good old fashioned using downloaded mods from other places methods.

Anyway still having the same issue with Spacedock, Curse and Github versions....think I am going to disable Defender and run it anyway since it seems to be a false positive.

Link to comment
Share on other sites

3 hours ago, Lo Var Lachland said:

I don't know how that got there. I meant to say Kerbal Stuff. Maybe I typoed and it got censored, or something? :huh:

Ah, #justKerbalThings, got it.  I remember that one, it got badly compromised.

2 hours ago, Kevin Kyle said:

Remember Norton Anticrash? It caused more crashes than windows did. lol

I...may've misread that as Norton Antichrist.  Which is really not quite as hyperbolic as it oughta be.  ...All those innocent boxes wrecked by SystemWorks back in the day.

1 hour ago, HebaruSan said:

Regarding the web site which can no longer be named:

 

Welp that explains that, it was the one that got hijacked (registration-sniped, severely compromised, or outright stolen?  I forget.)  Now if only I could remember the old old one that used to have an in-game link, that I think squad hosted themselves for a time.

Link to comment
Share on other sites

This thread is quite old. Please consider starting a new thread rather than reviving this one.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...