Windows found zen like a virus #718
Comments
|
I assume this is because Zen's binaries aren't signed yet, not because of a critical security vulnerability |
|
Here's additional info from Windows Defender: |
|
Yeah, I've been using Zen for about a month and this just started happening. The zen.exe file is completely gone from my computer and trying to launch from the shortcut results in a potential virus error. Something happened in the latest update, I'm not sure what happened. For now I'm switching back to Firefox because I can't afford to have a browser die on me randomly like this. Even cleanly reinstalling it doesn't work. |
|
Adding on to this, the zen.exe file is missing because Windows Defender saved me and deleted it. I don't know how much I trust this browser anymore if they're sneaking trojans into browser updates. There's no reason Wacatac should be getting flagged if it isn't actually there in the binary. |
|
this is most likely a false positive, windows security is pretty sensitive and detects a good chunk of things as malicious, including some really basic stuff. agreeing with AceiusIO, most likely due to the binaries not being signed |
|
Defender just removed the exe while I was using Zen. The app crashed then the zen exe was deleted. Now can't install it as defender does this again. Added zen's folder to defender exclusions |
|
It seems to me that it is a false positive that Windows Defender raises due to the lack of a digital signature. The problem occurs only in the installer of the "optimized" version of the latest version released, therefore the alternatives to solve it are: Use the "generic" installer, or the "optimized" one of the previous version and update from there. |
|
As someone who has worked on programming Windows apps before, I've had mine get detected as viruses for the most basic things like creating and opening files. This has a 99% chance of being a false positive due to the lack of digital signature. |
|
That's right, here is more context about it: https://superuser.com/questions/1829864/trojanwin32-wacatac-bml-found-in-c-extend-deleted https://cdromance.org/guides/virus-detected-trojanscript-wacatac-bml/ |
|
Windows just deleted zen off my computer when trying to update as it recognized it as a trojan |
|
Try the generic version: https://github.com/zen-browser/desktop/releases/download/1.0.0-a.29/zen.installer-generic.exe |
|
This should be the measure to take as users: https://learn.microsoft.com/en-us/defender-xdr/m365d-autoir-report-false-positives-negatives |
|
Virus Total also detects the application as a virus, which doesn't really give much confidence. Zip: Installer: Generic Installer (link of extropyst): Generic zip: |
|
I had the exact same problem and even Virustotal is flagging the zen.exe file, I'm pretty concerned about it now, despite that I was having a great time with Zen. |
|
Check this information: and also try to scan the file elsewhere with more robust virus engines. I just scanned the file at https://opentip.kaspersky.com/ and it didn't throw up any alerts, I did it at https://internxt.com/virus-scanner and it didn't either:
|
|
Comodo Internet Security also has it as a Trojan:
|
|
zen-browser.app is done (due to lack of payment?)
|
|
It's working fine here: |
|
|
I would like to add that using a previous installer and updating doesn't help. The act of updating is what caused this for me. It seems to be only the latest update, but there's no way to downgrade and stay downgraded (it annoyingly forces you to update when you start the browser). For now, I'm still using Firefox until this is resolved. As a principle, I never add a bypass to Windows Defender. It's just too risky to do that. Once Windows Defender stops quarantining it and the browser seems generally safe, I'll download it again. I just can't trust it right now, even if it is probably just a false positive. |
Why do zen doesn't have it? Is it a financial issue, or there are other constraints as well? |
|
I dont know where im supposed to get the signature from, if someone could guide me in the right direction would be great |
|
@mauro-balades some places to look: Microsoft has recently launched their Trusted Signing service through Azure (though I believe it is still in preview): |
|
It works fine on windows 10 with latest updates and AV too. |
|
Make sure you are downloading it from www.zen-browser.app, not www.zen-browser.com, they are different projects. |
Take a look here: |
Same here. This plus the CDNs doesn't give me any confidence. No news on this? |
|
Please, let's continue here #37, im losing track of the issues about this topic now |
What happened?
Windows reporting trojan when installed zen
Reproducible?
Version
1.0.0
Severity impact
Critical
What platform are you seeing the problem on?
Windows
Relevant log output
The text was updated successfully, but these errors were encountered: