keybase / client

Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
BSD 3-Clause "New" or "Revised" License

Bitdefender ransomware issue #17370

Open jansuvak opened 5 years ago

jansuvak commented 5 years ago

Keybase GUI Version: 3.2.2-20190411231308+5262f90fd9

The application is blocked by Bitdefender Total Security - ransomware remediation.

Putting the app on the exceptions list solved the issue for me.

Ransomware behavior remediated 4 minutes ago

Feature: Ransomware remediation

The process C:\Users...\AppData\Local\Keybase\keybaserq.exe manifests ransomware behavior and was blocked. Your files have been protected from being altered.

pzduniak commented 5 years ago

I've contacted Bitdefender and they're currently "analyzing" the file. As soon as I hear back from them I'll leave a comment here.

juanmigutierrez commented 5 years ago

Same problem here!

pzduniak commented 5 years ago

I'll keep this open until they respond to us.

XenonofArcticus commented 5 years ago

Me too. Looking for an update...

pzduniak commented 5 years ago

According to BitDefender this file will not be detected in a few updates (I don't know what an "update" is either). I emphasised that we sign our binaries with an EV certificate from a trusted vendor so our software shouldn't be detected, but they claim it's not (I've checked multiple builds many times, we sign everything).

If you run into this again I would definitely recommend reporting it to BitDefender rather than us, especially if you're paid customers. There's not much that we can do about antivirus companies randomly deciding that we're ransomware.

dustinschultz commented 4 years ago

@pzduniak according to VirusTotal and Windows, keybaserq.exe is NOT signed. This is the file that Bitdefender is complaining about.

It does not complain about the main keybase.exe (without the rq) as it IS signed.

keybaserq-exe_not_signed

keybase-exe_signed

and side-by-side in Windows, keybaserq.exe does not have a Digital Signatures tab like keybase.exe does.

keybaserq-keybase-win
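An embedded Authenticode signature, which is what the Digital Signatures tab displays, is stored in the PE certificate table (data directory entry 4). The following Python is an added example, not part of the thread and not Keybase's code, that reads that entry directly; `embedded_signature` and `build_sample_pe` are hypothetical names, and the sample image is constructed for the demo.

```python
import struct

SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table

def embedded_signature(data: bytes):
    """Return (file_offset, size, cert_type) of an embedded signature, or None."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = pe + 24                                           # after signature + COFF header
    opt_size = struct.unpack_from("<H", data, pe + 20)[0]   # SizeOfOptionalHeader
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    dirs = opt + (96 if magic == 0x10B else 112)            # PE32 vs PE32+
    count = struct.unpack_from("<I", data, dirs - 4)[0]     # NumberOfRvaAndSizes
    entry = dirs + 8 * SECURITY_DIR
    if count <= SECURITY_DIR or entry + 8 > opt + opt_size:
        return None
    offset, size = struct.unpack_from("<II", data, entry)   # a file offset, not an RVA
    if offset == 0 or size < 8:
        return None                                         # nothing embedded
    if offset + size > len(data):
        raise ValueError("certificate table runs past end of file")
    _length, _rev, cert_type = struct.unpack_from("<IHH", data, offset)  # WIN_CERTIFICATE
    return offset, size, cert_type                          # 0x0002 = PKCS#7 SignedData

def build_sample_pe(signed: bool) -> bytes:
    """Constructed minimal PE32+ image for the demo; not a real binary."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)                   # PE32+ magic
    struct.pack_into("<I", opt, 108, 16)                    # 16 data directories
    # Placeholder WIN_CERTIFICATE header plus padding; contains no real PKCS#7 data.
    cert = struct.pack("<IHH", 16, 0x0200, 0x0002) + bytes(8) if signed else b""
    if signed:
        struct.pack_into("<II", opt, 112 + 8 * SECURITY_DIR, 0x58 + len(opt), len(cert))
    return dos + b"PE\0\0" + coff + bytes(opt) + cert

if __name__ == "__main__":
    for label, signed in (("unsigned sample", False), ("signed sample", True)):
        print(label, embedded_signature(build_sample_pe(signed)))
```

A non-None result only shows that a signature blob is embedded; it does not validate the signature or its certificate chain, so confirm with a real verifier such as `signtool verify /pa` or PowerShell's `Get-AuthenticodeSignature`. Catalog-signed files also return None here, since their signature lives outside the file.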

lord-aerion commented 3 years ago

Unfortunately this is still an issue. I just had it happen to me. I've set up an exception for keybaserq.exe, but obviously this is not ideal.

caleb15 commented 2 years ago

@pzduniak same issue as dustin, the keybaserq.exe does not have a digital signature section. Does this indicate it's unsigned? When you open it up on your computer does it have a digital signature section?

MoffySky commented 3 months ago

Bumping this back up. @pzduniak, any updates?

therevoman commented 3 months ago

Malwarebytes just flagged and quarantined the keybaserq.exe file on my system. Haven't seen this previously.

malwarebytes-keybaserq.txt

ericlaw1979 commented 2 weeks ago

Now detected by 7 AV engines. This file really should be signed.

https://www.virustotal.com/gui/file/69feba321acb012881ad8c855668eb7e7791ab59d67093bc46abbb6fceec37f4