gijoe559 Posted July 21, 2019 As I use norton antivirus, I came across this warning as my Zdaemon stopped working because I cancelled the update (due to the updater freezing). Im assuming Norton deleted Zdaemon due to the fact that it was changing something in registry If anybody has any answers to this please come up as this is very odd for Zdaemon, as this never happened for the last updates 0 Share this post Link to post
DoomSpud Posted July 21, 2019 Norton is straight fucking garbage (like most antivirus software). It used to quarantine Builder.exe after unpacking the zip file claiming it was a virus. Do yourself a favour and stop using it. 13 Share this post Link to post
gijoe559 Posted July 21, 2019 46 minutes ago, DoomSpud said: Norton is straight fucking garbage (like most antivirus software). It used to quarantine Builder.exe after unpacking the zip file claiming it was a virus. Do yourself a favour and stop using it. Well noted 1 Share this post Link to post
DoomSpud Posted July 21, 2019 2 hours ago, gijoe559 said: Well noted I haven't used an antivirus for years. All they do is slow your CPU and chew up your RAM in the background which hampers the performance of everything else. They aren't really essential unless you deliberately lurk areas of the internet where you really shouldn't. The built-in windows firewall/defender is all 99% of computer users will ever need for defence. Some people even pay monthly or yearly fees for "antivirus protection"... it's unbelievable what sort of useless crap people will throw their money at... 4 Share this post Link to post
AF-Domains.net Posted July 21, 2019 It is related to the following change that was introduced relatively recently: 22. ZLauncher can now become the system-wide handler of the zds:// protocol. Either way, it is completely harmless. 3 Share this post Link to post
DoomGater Posted July 22, 2019 And I guess this belongs not here. Didn't you know there's a forum for questions concerning source ports? https://www.doomworld.com/forum/6-source-ports/ 0 Share this post Link to post
Cruduxy Pegg Posted July 22, 2019 I think the virus you have is Norton. 16 Share this post Link to post
hella knight Posted July 22, 2019 Look up 'false positive' in terms of antivirus :) something everyone who uses torrents has probably encountered 2 Share this post Link to post
DoomSpud Posted July 22, 2019 23 minutes ago, hella knight said: Look up 'false positive' in terms of antivirus :) something everyone who uses torrents has probably encountered Ahhhhh, that's what they call it? 1 Share this post Link to post
Graf Zahl Posted July 22, 2019 (edited) I think Norton is smart for revealing ZDaemon's true identity... :P For the record: Having to trust some closed source third party software for handling an internet protocol is a big no-go for me and this may be enough for antivirus software to show a red flag. There's nothing wrong here with showing a message, it properly warns that the program is trying to act as a global responder to some data. What can be criticized is the action. Blanketly assuming that it needs to be blocked will render any legitimate action of this type impossible, it should at least *ASK* if what's being attempted is ok, unless the action is an unambiguous attack on the system, which this is clearly not. Of course it's neither acceptable that ZDaemon is apparenly trying to muck around with the system in such a manner without proper feedback to the user. One more reason not to use it. 7 minutes ago, DoomSpud said: Ahhhhh, that's what they call it? No, this isn't a false positive. A false positive would mean that an executable is falsely identified by some malware signature. What happened here is that a suspicious action (i.e. something the program actively did!) by ZDaemon was intercepted. 3 Share this post Link to post
DoomSpud Posted July 22, 2019 8 minutes ago, Graf Zahl said: What can be criticized is the action. Blanketly assuming that it needs to be blocked will render any legitimate action of this type impossible, it should at least *ASK* if what's being attempted is ok, unless the action is an unambiguous attack on the system, which this is clearly not. A false positive would mean that an executable is falsely identified by some malware signature. Yeah, as I mentioned above Norton, AVG and Avast have all in the past flagged 'Builder.exe' when I've downloaded a new version and unpacked the zip... they'd throw up a message saying "yada yada yada this file is dangerous blah blah blah file has been quarantined..." and it would remove it from the Builder folder so I couldn't click it or run it from my desktop shortcut. TOTAL FUCKING PAIN IN THE ARSE!!! I'd have to remember to switch my anti-V's off before unpacking zip files and then turn them back on (which strangely never "retro-flagged" anything... it would only do it during the unzipping process, never after... oddly...). After a while I just fucked all my antivirus software off. Got sick of having to babysit it and reassure it "no, that's file is ok... so is that one... AAAAND that one... and that one too you muthafucker!! STOP IT!!!". 3 Share this post Link to post
Graf Zahl Posted July 22, 2019 I, too got fed up by the AV software, I had been using Avast for a long time until it started removing stuff I needed and broke legitimate installations. Then I tried BitDefender and eventually the same happened. I ultimately switched to Microsoft's built-in solution. It only flagged one false positive so far but at least it ASKED me what to do about it when it happened so I could add it to the whitelist. 8 Share this post Link to post
gijoe559 Posted July 22, 2019 It was definitely a false positive, more or less Norton's "SONAR" protection detects anything as a virus. The main reason that i made this post although is to see exactly what triggered Norton to add 7 condoms on my computer just because of the new update. I have now learned that you should actually switch the option to automatically remove threats off. Antiviruses are acceptable sometimes, but the fact that Norton FUCKING WATCHES EVERY FUCKING APP for something slightly odd to happen, it goes apeshit 1 Share this post Link to post
Barry Burton Posted July 26, 2019 On 7/22/2019 at 5:14 PM, gijoe559 said: It was definitely a false positive, more or less Norton's "SONAR" protection detects anything as a virus. The main reason that i made this post although is to see exactly what triggered Norton to add 7 condoms on my computer just because of the new update. I have now learned that you should actually switch the option to automatically remove threats off. Antiviruses are acceptable sometimes, but the fact that Norton FUCKING WATCHES EVERY FUCKING APP for something slightly odd to happen, it goes apeshit This isn't just Norton. I mean, what else do you expect an A/V suite to do? Remember, nothing is the same as it used to be. A/Vs can't rely just on signature based detection anymore. They have to analyze patterns and trends now. It's much more complex now than it has ever been. 0 Share this post Link to post
DoomSpud Posted July 27, 2019 13 hours ago, R4L said: It's much more complex now than it has ever been. People are also now more paranoid then ever before... 1 Share this post Link to post
Cackledemon Posted July 30, 2019 It bewilders me that signature-based detection was ever a solution. 1 Share this post Link to post
Reisal Posted July 30, 2019 Now if ZDaemon didn't lock themselves out, unlike every other source port out there.. 1 Share this post Link to post
Flambeau Posted August 3, 2019 On 7/30/2019 at 6:20 PM, Armaetus said: Now if ZDaemon didn't lock themselves out, unlike every other source port out there.. I dont get how this related to the handling of the ZDS:// protocol. As stated by AF-Domains.net earlier, this is what caused it. In my opinion this answers the question being asked, and lets not get that answer buried in non related talk for the sake of ppl searching the answer. 0 Share this post Link to post