yeah i think it was a website two

Warning to all people reading this thread:

csrss.exe is a normal program of your windows system. Don't remove it if you don't know what you're doing.
However, it can happen that some trojan pretend to be this program, and they must be removed, indeed. But if you're not sure, let your anti-virus / anti-malware do its job by detecting if the csrss.exe currently running on your pc is the real one or a malware.

You are not the only one:

Malwarebytes
www.malwarebytes.com

-Detalhes do Relatório-
Data do evento de proteção: 12/08/2022
Hora do evento de proteção: 22:33
Arquivo de relatório: e8df5efa-1aa7-11ed-a25d-1c1b0df4a270.json

-Informações do Software-
Versão: 4.4.10.144
Versão de componentes: 1.0.1499
Versão do pacote de definições: 1.0.58533
Licença: Somente
Premium

-Informações do Sistema-
Sistema operacional: Windows 10 (Build 19044.1826)
Processador: x64
Sistema de arquivos: NTFS
Usuário: System

-Detalhes do Site da Web Bloqueado-
Site da web malicioso: 1
, F:\SteamLibrary\steamapps\common\ProjectZomboid\ProjectZomboid64.exe, Bloqueado, -1, -1, 0.0.0, ,

-Dados do site da Web-
Categoria: Malware
Domínio:
Endereço IP: 152.67.40.9
Porta: 16261
Tipo: Saída
Arquivo: F:\SteamLibrary\steamapps\common\ProjectZomboid\ProjectZomboid64.exe



(end)

Please don't be stupid enough to tell me I'm starting a war because 9 antivirus are flagging the game as malware:
https://www.virustotal.com/gui/file/d484bb207a4f80d4863221d663021b6acc44a31012adb97fc179dd80cb254846/behavior

Ursprungligen skrivet av Lagartixa:

Please don't be stupid enough to tell me I'm starting a war because 9 antivirus are flagging the game as malware:
https://www.virustotal.com/gui/file/d484bb207a4f80d4863221d663021b6acc44a31012adb97fc179dd80cb254846/behavior

False positives are a thing.

I'm sure you're a smart individual who knows this game isn't ridden with malware. And if it was, it would've been wiped since a lot of users would've picked up on it.


So unless people are downloading this from something outside of Steam, this won't give you a virus nor is it a malware and if people are that paranoid, they're free to choose not to play.

Ursprungligen skrivet av Jackpot:

Ursprungligen skrivet av Lagartixa:

Please don't be stupid enough to tell me I'm starting a war because 9 antivirus are flagging the game as malware:
https://www.virustotal.com/gui/file/d484bb207a4f80d4863221d663021b6acc44a31012adb97fc179dd80cb254846/behavior

False positives are a thing.

I'm sure you're a smart individual who knows this game isn't ridden with malware. And if it was, it would've been wiped since a lot of users would've picked up on it.


So unless people are downloading this from something outside of Steam, this won't give you a virus nor is it a malware and if people are that paranoid, they're free to choose not to play.

personally i'd be far more worried about following that link they posted......

Ursprungligen skrivet av Drizzt:

Ursprungligen skrivet av Jackpot:

False positives are a thing.

I'm sure you're a smart individual who knows this game isn't ridden with malware. And if it was, it would've been wiped since a lot of users would've picked up on it.


So unless people are downloading this from something outside of Steam, this won't give you a virus nor is it a malware and if people are that paranoid, they're free to choose not to play.

personally i'd be far more worried about following that link they posted......

That's why I ain't touching it and just taking their word on it.

Nice necro....

Ursprungligen skrivet av Jackpot:

Ursprungligen skrivet av Drizzt:

personally i'd be far more worried about following that link they posted......

That's why I ain't touching it and just taking their word on it.

yup - while minority opinions are not necessarily invalid in many contexts - when it comes to virus scanning, i will take millions of users not reporting viruses over some weird website probably reporting some false positives from some shady software that no users of this game actually use

Ursprungligen skrivet av EnigmaGrey:

Yep, that's called a false positive as others have said.

Chances are there's a server that was previously used for malware that now hosts a PZ server. Game gets server details, AV sees it as a a hit on a known bad IP, game gets flagged as malaware.

Since IPs are rarely ever fixed and hosting services will often reuse IPs (like Linode, OVH .etc), it's going to happen all the time.

Lol. And you can see in the log here that it probably started because someone downloaded a pirated copy of the game:

Project.Zomboid.v41.7.rar
https://www.virustotal.com/gui/file/d484bb207a4f80d4863221d663021b6acc44a31012adb97fc179dd80cb254846/relations

Thanks. I don't think it has something to do with these pirate copies because files are checked on Virus Total by their checksum. It could happen if the given malware were competent enough to modify the game executable in a way it would produce the same checksum, but that is almost impossible.
The file scanned on Virus Total is the same as the game executable I had on my computer, where the game was downloaded from Steam.

Ursprungligen skrivet av Lagartixa:

Please don't be stupid enough to tell me I'm starting a war because 9 antivirus are flagging the game as malware:
https://www.virustotal.com/gui/file/d484bb207a4f80d4863221d663021b6acc44a31012adb97fc179dd80cb254846/behavior

checking out the VirusTotal link here, only 1 out of 51 antivirus programs caught the file "Project.Zomboid.v41.7.rar", and the singular antivirus program that flagged it - MaxSecure - has a history of false positives