Closed Gigafloppagus closed 8 months ago
Regarding this topic, please see what I already indicated here: https://github.com/dpradov/keynote-nf/issues/635
As it is quite annoying and certainly means that there are people who cannot use the application at work, where very restrictive policies are usually applied on the use of "unknown" applications, I have obtained a certificate for code signing, with which I will sign the following versions. It should help prevent some engines from flagging them as suspicious, and also help Microsoft's Smart Screen warn you about installing an app from an unknown editor.
Sorry to ask, but why does keynote-nf delete and write the driver Windows\system32\spool\DRIVERS\x64\3\mxdwdui.BUD?
Well, I would have to investigate it; I don't know. I assume it is related to the component used for printing (Note | Print Note...) (File | Page setup). All the code used, both the code created by me and the code of the 3rd-party components, is available on GitHub, if you want to take a look. In particular: https://github.com/dpradov/keynote-nf/tree/master/3rd_party/richprint
Regards, Daniel
By the way, as a curiosity, look at the VirusTotal analysis of the same file, but passing the URL of its location on GitHub: https://www.virustotal.com/gui/url/3ebd197d6d22775bf1cb09b97a691d7e4b3492d2688da3ac9f02388515ec69b4?nocache=1
Daniel,
Thank you so much for your quick and thorough response. Reading #635 was helpful.
A certificate for code signing will hopefully remove some of these headaches! Not being flagged, especially by some of the AI-based tools included at virustotal, can seem like not just a moving target but a target with moving goal posts, as well. Some of the behavior across file uploads and URL scanning is indeed curious.
As for mxdwdui.BUD, I will take a look at https://github.com/dpradov/keynote-nf/tree/master/3rd_party/richprint.
Thanks again.
The latest version, 1.9.0, is code signed and is not flagged as malicious. (See #652)
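A check a user can run before trusting a signed release, added here as an example and not taken from the thread or from the keynote-nf project: it verifies the Authenticode signature, pins it to an expected certificate thumbprint, and records the SHA-256 so it can be compared with the hash shown on VirusTotal or the release page. The installer path and the thumbprint are placeholders.

```powershell
# Added example (not from the thread). Path and thumbprint below are placeholders.
function Test-ReleaseSignature {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Placeholder: replace with the SHA-1 thumbprint of the publisher's signing certificate
        [string] $ExpectedThumbprint = 'PLACEHOLDER_THUMBPRINT'
    )
    $sig = Get-AuthenticodeSignature -FilePath $Path
    $result = [ordered]@{
        File        = $Path
        Status      = $sig.Status                      # Valid, NotSigned, HashMismatch, ...
        Signer      = $sig.SignerCertificate.Subject   # $null when the file is unsigned
        Thumbprint  = $sig.SignerCertificate.Thumbprint
        Timestamped = ($null -ne $sig.TimeStamperCertificate)  # survives cert expiry
        Sha256      = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
        Trusted     = $false
    }
    # A chain that validates is not enough on its own: any publisher can buy a certificate,
    # so require the exact certificate this project is known to sign with.
    if ($sig.Status -eq 'Valid' -and $result.Thumbprint -eq $ExpectedThumbprint) {
        $result.Trusted = $true
    }
    [pscustomobject]$result
}

# Placeholder file name; compare Sha256 with the hash on the release page before installing.
Test-ReleaseSignature -Path "$env:USERPROFILE\Downloads\KeyNoteNF_Setup.exe" | Format-List
```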
Hello, and thank you for your hard work.
KeyNoteNF_1.8.5.1 is regrettably flagged by some security vendors.
The sandbox Zenbox flags this file as: MALWARE RANSOM TROJAN. It seems some of the reasons are:

- Masquerading behavior: drops files with a non-matching file extension (content does not match the file extension)
- Virtualization/Sandbox Evasion: contains medium sleeps (>= 30s); contains long sleeps (>= 3 min); may sleep (evasive loops) to hinder dynamic analysis
Cf. https://www.virustotal.com/gui/file/a1c605d8fa66867158eab2deedad99d051864d466b96ea1b920cc46723e3dcf4/behavior
Sorry to ask, but why does keynote-nf delete and write the driver Windows\system32\spool\DRIVERS\x64\3\mxdwdui.BUD?
Apologies for bringing this up.