Every psro server contains viruses for me

08/07/2024 16:49 venxzu#1
Hi guys,
I just wanted to get back into playing Silkroad on private servers but every each of them contais Trojans or other viruses according to windows defender, mostly it's about .exe files.

Any solution? It's about most popular servers.
08/10/2024 03:27 PortalDark#2
Soo, the thing with viruses here is that most of them are false positives. A false positive means that they act as something that isnt really doing. It is mostly based on behavior.

Many servers TRY to compress and encrypt their files with packers. Packing exe files usually is seen as abnormal behavior by many Antiviruses thus creating an alert.


Right now, the 2 viruses you want to watch for because they are ACTUAL viruses are Jeefo and Rammit. There might be others here and there, but those are the most prominent
08/10/2024 17:02 Callum#3
Quote:
Originally Posted by venxzu View Post
Hi guys,
I just wanted to get back into playing Silkroad on private servers but every each of them contais Trojans or other viruses according to windows defender, mostly it's about .exe files.

Any solution? It's about most popular servers.
Do you use any alternative AV besides Windows defender?
08/10/2024 17:51 kaleorise#4
Quote:
Originally Posted by Callum View Post
Do you use any alternative AV besides Windows defender?
personally i tried with mwbytes yet it still found mw and trojans even in most crowded and famous servers q.q
08/11/2024 20:39 player3007#5
Well not all like i did search hard to find Srotimes Tales clean but some others have Virus that steal cards information even if it was Fake alarm i wouldn't trust this virus and server owners ask for ur Anydesk access to make it ignore the virus so my advise to you don't trust any exe from Pservers if u have sensitive information in ur pc and keep searching for clean files

at least if server owners spend thousands of dollars adding filters and doing edits they should at least clean their exe files
08/13/2024 00:43 HadokenV2#6
My PC was utterly ruined recently by the jeefo virus. I was only playing Golden online at the time, but who knows... maybe it was another server I had left on my pc vacant since quitting? All I know, is that jeefo was running riot on basically every .exe on my entire pc.
08/13/2024 17:53 InZiDeR#7
The issue is that many files are flagged as false positives because they're packed. Unfortunately, this has become the norm, which is quite risky. It allows PServer owners to embed injections and backdoors, taking advantage of the trust people place in these files, thinking they're safe.

There will always be black sheeps.
08/13/2024 18:50 silkdreamer99#8
use KAspersky internet security or PLUS up to 10 euro per year i get no viruses ony silkroad private servers
08/15/2024 07:23 notHype*#9
Quote:
Originally Posted by InZiDeR View Post
The issue is that many files are flagged as false positives because they're packed. Unfortunately, this has become the norm, which is quite risky. It allows PServer owners to embed injections and backdoors, taking advantage of the trust people place in these files, thinking they're safe.

There will always be black sheeps.
The reality is that this is such a reach and just doesn't happen. 99% of "pSrO dEvS" lack the knowledge to do such a thing. Those who do have the skill & ability to do so have already proven themselves to be trustable by the majority of the community. With 95% of servers using 1 of 2 filters (MaxiGuard & vPlus), with no other external DLLs, you can pretty much assure that there is nothing sketchy going on.

--

To the OP, an explanation:

You'll notice almost every client has the same detections on the same files. It's nothing to be worried about, it happens for two reasons:

1.) Original v1.188 files were flagged by Joymax after the files leaked.
2.) Custom DLLs are packed for protection against reversing/bypassing.

If you look into the detection labels, you'll notice that the majority of the "virus names" are nonsense - just AI detections for a suspicious program. So many valid applications and games face the same issue, just eventually getting whitelisted. Of course, the same does not apply for SRO as the files are pirated.

There are only 3 detections to worry about if found in a SRO client: Jeefo, Ramnit, or Neshta.

Those are NOT normal and WILL cause harm to your system. Many people make the mistake of automatically adding an exclusion to any freshly downloaded client before the first use because they are so used to having to do this, after that, RIP.

The rest of the detections are completely harmless (thusfar).

Still, it's very rare to find a client infected with any of these viruses lately because of Elitepvpers' virustotal regulations for thread publishing. Such stuff isn't commonly found across the community anymore like how it was 5-6 years ago.

If you're really worried, just scan the directory before opening the client. You know the names to avoid, the rest are irrelevant.

Good luck!
08/15/2024 13:52 klaufix#10
I saw many Positive comments on Saturn and many Players there so i downloaded the Client from the Website ( [Only registered and activated users can see links. Click Here To Register...]). Windows Deffender instantly warned and i got 6 Virus alerts

[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]