Ymacco.AA2E trojan in R2R's latest releases?

Discussion in 'Software' started by iamawesome, Sep 18, 2021.

  1. iamawesome

    iamawesome Newbie

    Joined: May 29, 2018 | Messages: 10 | Likes Received: 1

    Anyone else experience this?

    I've read the included NFO but am sooo puzzled as to why R2R have used AA2E? Anyone had their computer taken over with the "pay xxx amount if you want to access your files again" for which it is normally used?

    Cheers.

     
    • Disagree x 4
    • Dislike x 2
    • Funny x 1
    • Interesting x 1
  3. muse2love

    muse2love Producer

    Joined: Nov 11, 2013 | Messages: 230 | Likes Received: 99 | Location: Montréal

    I doubt you use a good anti virus that avoids signaling false positives

    or you download it elsewhere at your own risk

    good luck
     
  4. BuntyMcCunty

    BuntyMcCunty Rock Star

    Joined: Nov 13, 2019 | Messages: 594 | Likes Received: 338 | Location: Liverpool

    Yeah, you should definitely stop downloading R2Rs warez. In fact, for maximum protection, you should go out and buy a Mac. Then you won't even be tempted to download those evil warez.

    How about giving us a clue and telling us which particular software you're talking about?

    Also: How to tell if a virus is a false positive
     
    Last edited: Sep 18, 2021
    • Winner x 3
    • Agree x 2
    • Like x 1
  5. justwannadownload

    justwannadownload Audiosexual

    Joined: Jan 13, 2019 | Messages: 1,310 | Likes Received: 849 | Location: Central Asia

    Here we go again.

    Sister site releases are clean. It's a false positive because cracking and keygening is invasive by its nature.
    Also because devs report cracks as viruses.
     
  6. iamawesome

    iamawesome Newbie

    Joined: May 29, 2018 | Messages: 10 | Likes Received: 1

    Go where again?

    No need to be patronizing because I am asking a question. I am very much aware that some keygens kick out as false positives and sometimes crappy release groups use trojans to inject their revised code. It's very easy to spot. That's not the case here (the .dll file itself) - and I've never ever seen AA2E used in this way before. Have you? Which release and how? What's its use?

    Devs can't just report cracks as viruses ... that's not how it works. I am a dev with a registered company - do you think I can just throw a release/some code at Kaspersky or whatever and say "hey, this is a virus - no need to check it just flag it"?
     
  7. Olymoon

    Olymoon Moderator

    Joined: Jan 31, 2012 | Messages: 5,777 | Likes Received: 4,445
    Best Answer

    The thing is that people are tired of seeing this question all the time,
    not to speak of titles like this...

    R2R releases are goddamn clean ... and at sister site they are brought to us by reliable runners ...
    NO, THERE IS NO VIRUS WITH R2R RELEASES AT SISTER SITE...

    This has been said thousands of times.

    Use a serious anti virus, learn how they work, and thus how to use it ... then you can speak about it ...

    You need to take off heuristic detection from your anti virus. If you don't know what heuristic detection is, google it.
    Then you won't receive false positives any more.

    But please don't create a thread here each time your anti virus flags something from R2R, because it only happens because you don't know how to use an anti virus ...

    I hope this helps, but if it's not enough, please PM me and I'll give you more explanations
     
    • Agree x 10
    • Like x 4
  8. kh_minusone

    kh_minusone Guest

    No need for that since AVs use machine learning to flag code with suspicious behaviour that isn't necessarily malicious. Case in point, any unsigned portable created with BoxedApp Packer will extract itself into RAM before executing, which your AV may not like because there's malware that behaves in a similar manner. This doesn't mean that the portable is malicious.

    If you can demonstrate that R2R's latest release does indeed contain malicious code, even when by this point a lot of people have likely already tested the release themselves (and any malicious behavior would've prompted a takedown), then you'll be doing us a favor and we'll be very thankful. Otherwise people will just dismiss your concerns.
     
  9. franky lake

    franky lake Newbie

    Joined: May 15, 2019 | Messages: 15 | Likes Received: 1

    how about devs mirroring infected releases
     
  10. iamawesome

    iamawesome Newbie

    Joined: May 29, 2018 | Messages: 10 | Likes Received: 1

    Jesus christ.
     
  11. franky lake

    franky lake Newbie

    Joined: May 15, 2019 | Messages: 15 | Likes Received: 1

    you clearly are one wholesome dev responding like this :rofl:
     
  12. Lepow

    Lepow Producer

    Joined: Sep 12, 2015 | Messages: 208 | Likes Received: 115 | Location: RJ-BSB

    "Thou shalt not take the name of the Lord thy God in vain"
     
  13. lukehh

    lukehh Audiosexual

    Joined: Jun 22, 2012 | Messages: 1,043 | Likes Received: 594

    Can you plz upload a screenshot of your AV-Alert?
     
  14. FrankPig

    FrankPig Rock Star

    Joined: Jan 31, 2021 | Messages: 583 | Likes Received: 408 | Location: Hog Heaven

    Which release specifically did your AV alert you?
     
  15. phumb-reh

    phumb-reh Guest

    Have you tried VirusTotal?

    And most keygens you can run sandboxed you know.
     
  16. realitybytez

    realitybytez Audiosexual

    Joined: May 29, 2013 | Messages: 1,451 | Likes Received: 633

    well, technically, all he did was type his name. if that was all it takes, the bible should be considered profane.
     
  17. Lepow

    Lepow Producer

    Joined: Sep 12, 2015 | Messages: 208 | Likes Received: 115 | Location: RJ-BSB

    I'm only here for the beer
     
  18. EddieXx

    EddieXx Audiosexual

    Joined: Sep 13, 2015 | Messages: 1,316 | Likes Received: 761

    it's worth a sticker by now. with title

    "NO IT'S NOT A VIRUS!" .. and if it is, tough shit!
     
    • Like x 2
    • Dislike x 1
    • Agree x 1
  19. Polomo

    Polomo Guest

    Is it offensive, if I think this, about the OP: [image]?
     
    Last edited by a moderator: Sep 19, 2021
    • Like x 2
    • Dislike x 1
  20. Olymoon

    Olymoon Moderator

    Joined: Jan 31, 2012 | Messages: 5,777 | Likes Received: 4,445

    You have to download from reliable place / poster.
     
  21. BuntyMcCunty

    BuntyMcCunty Rock Star

    Joined: Nov 13, 2019 | Messages: 594 | Likes Received: 338 | Location: Liverpool

    You still haven't told us which release you're talking about, so if you're really "asking a question" you aren't giving anyone sufficient information to provide you with a meaningful answer. If you can't just throw a release at Kaspersky and say "no need to check it, just flag it", why the hell do you think you can get away with doing exactly that shit here?

    Which prompts two thoughts:

    a.) if you're really a dev, are you here on some disinformation programme, attempting to dissuade people from downloading R2R releases?
    b.) would a competent dev be "asking questions" about a release without giving his audience any damn clue which particular release he's talking about? Seems hugely unlikely to me.

    So, either:

    1.) Not a dev
    2.) Not competent
    3.) Engaged in intentional disinformation.

    My money's on 2, but who knows? Interesting that your very first comment on the site is also bitching about R2R and sister site.
     
    Last edited: Sep 19, 2021
    • Like x 3
    • Dislike x 1