The files are original from SOACS developer, I do not think he would put anything into his files.
Here is full scan https://virustotal.com/en/file/135fe...is/1478082524/
This is a discussion on Zone MYKO (Stay tuned) within the Private Servers forums, part of the Knight Online (ko4life.com) category; Originally Posted by Diver
My Antivirus found a Trojan in the download file on your Website.. (Win32/Skeeyah.A!rfn) it's marked as ...
Page: 56
The files are original from SOACS developer, I do not think he would put anything into his files.
Here is full scan https://virustotal.com/en/file/135fe...is/1478082524/
Hi,
my short video record live & game cam combo at ZoneMYKO.. Enjoy :P
Assassin Combo at Dummy :
<font color="#BBBBBB"><span style="font-family: &quot">
Assassin PK (live) :
Assassin VS archer :
Stay tune... when i am free, i will do some PK and upload more video !
Regards,
Spikey
Last edited by spike; 11-02-2016 at 07:56 AM. Reason: edit video link
Assassin PK (Game Cam) :
Sorry, but your Launcher and your KOClient are infected by two different trojans. I can post a full scan if you want.
Both trojans can be used to turn an infected Computer into a botnet or to steal sensual data like Credit Cards, passwords, etc.
I'm aware that previously older KO Versions got marked as malicious by anti-viruses, however, this is not the typical "KO"- Trojan
edit: Did you check your posted Scan Result? 38 out of 56 Anti-Virus programs (mine isn't even listed) marked it as infected...
What you think is a matter of uncertainty. Certain is, your files (not only the KOClient but also the Launcher) seem to be infected, you posted scan results of 56 Virus Scanners and 38 of them say it: THE FILE YOU SCANNED IS INFECTED.
You should clarify this as fast as possible as you're distributing very dangerous malware to alot of people. Not saying it has to be the original SOACS Developer who put that malware into it, could have been 3rd party. What you paid to these guys is also peanuts compared to the potential money (and damage) they could produce. To me it looks like a good blackhat business. At the end you'll be the responsible one in case something happens.
Wouldn't be the first time though that "trusted" Software is infected (see Android)
You are wrong.
I checked different server with latest SOACS, which was http://firstko.net/ (Old oldschoolko).
You can see they use also new version of SOACS software and got detection ration 40 / 56:
https://virustotal.com/en/file/cbdf0...is/1478168130/
You cannot compare clients of 1299 versions with other one, I am not sure which other server is actually run on latest 1299 version of SOACS client files. But I am quite sure you will find there the same detection ratio.
If you have any doubts about the official SOACS files for 1299 you can write directly to developer osmanx which is well known by the community and most trustable servers using his software (for example Profko).
Can you explain me HOW can we fix something we DO NOT developing? The only person who can fix it is the SOACS developer, and all SOACS server using his software. There were never any problem with him and there are no doubts, nobody ever reported any scam from osmanx. We are just one of his customers same as Profko, OldschoolKO and many others.
First of all, all this detections you see are false detections, because I use packer to pack files and this packers even my winlicense is licensed not using cracked one etc, are used by many bad software providers since cracked/old versions are all available on the net.
Second most of detection methods, I use also used on many rootkits because in practice we must use windows' own functions to enumerate and get information, for example scanning opened handles on operating system to detect ring0/ring3 level open process attempts on KO.exe.
Third and most important thing is for claiming this files are having backdoor, you must provide more than basic virustotal scan, since you talk like knowing all deep network programming and code behaviour analyst, you must provide connections done by launcher and client and also provide which files are opened by them to steal data from your computer.
Sadly, as a developer of soacs I always get such expertised posts on everywhere but sorry to disappoint you I never put remote control on my server files or clients even I'm not sending third party data to server, If i detect cheat on user but simply close game and put log to users own client log. So server admins even me won't know if user is cheating if they won't send their log to us.
Why I choose such thing over sending data, because I believe privacy of user even if they are cheaters.
So next time making some assumptions provide more deep information then claimining it and If you want i can show all source code of client or server via teamviewer/skype screen share to you.
As I said all virus detections are false on that scans and sadly even I mail to antivirus providers since this is private game servers they refused my requests for getting whitelisted.
I am not the one who has to come up with "deep information" if most anti viruses flag your Software as malware.
I don't really care about your code. There was no explaination so far why your files are being marked as infected and incomprehensibly not alot people care about that. Despites saying that you scan the computers processes on a very low level you should explain (wouldn't be bad for your business either) why anti-virus warns the user about potential trojans in your files that could remotely control infected computers. Getting alot of "such expertised" posts should signify you also, that there's a lack in the product you're providing and you should back it up with more information as there's enough evidence to claim that you developed malware. Your code is not open source and I am sure I don't want to spend hours on teamviewer to analyze your code.
Well, obviously the KO-spirited people don't give a single shit about their own security and why your customers haven't investigated into this before leaves a questionmark. Simply saying "the soacs developers are trusted" shouldn't be an answer to this potential problem
As I can see you have no clue at what you talking at all so no need to spent my time to explain what is what but friendly remainder to you next time when you claim something and act like expert give more detail then just simple link.
PS: If i had such remote control/backdoor there wouldn't be cracked servers at all who is using stolen versions of SOACS
Well there is:
That you don't understand to the clear explanation doesn't mean there is no explanation.
That only means you do not really care about trojans, you are just trolling here.
I am not sure how long you know KO, I am playing it since year 2003 and the KO had problems with antivirus softwares for maybe already 10 years. That is simply caused with fact that KO is vulnerable to hacks and the only way to defend against hacks is to do a full scan of running process on your PC. That means every KO is spying on you even the official KO for a years. There is of course a possibility that someone can add a real malware into his software, but if he do such thing and he steal some info, he puts himself under a risk of being jailed. The good name of developers is necessary for people to buy their products. I am not sure how old SOACS is but it is one of most common software for private server community for a years! And for that many years there were never single person who would get his credit card or info stealed by osmanx.
There was a very famous case of issues caused by Anti-Viruses in the past with USKO. They used anti-cheat called XTrap, which required certain level of access to the user's computer to make sure they're not running cheats in the background. This obviously was recognized as a Trojan backdoor virus by most anti-viruses, which led to users having trouble logging in without turning their Anti-Virus off.
Most private server players are used to having false-positives in clients, which is why it's not a surprise that many anti-virus programs even delete game files when you're trying to launch the game. Obviously it's healthy to make sure there is no fishy shit included in the game files, but after a while you get a pretty good grasp of which alerts are actually to be regarded with care and how to recognize real threats. Also, there's plenty of people with vast knowledge of these sorts of things, which makes it very hard to slip in something infectious unnoticed.
Kaos is IBM secret agent, you dont know it? I dont trust those files too
Bookmarks