Looking into problems with Latest Melodyne freezing in Cubase Pro and say massive CPU usage 70 - 90 percent

it a program called WFD.exe
WFD.exe bitcoin malware uses your computer to collect stuff for them C:\windows\appsdata reboot dont open anything and remove

I hope this helps please check your systems noticed this slow down last week

 

If it only was so simple...

 

Follow the instruction on this forum:
https://forums.malwarebytes.com/topic/125534-cant-remove-bitcoin-miner-and-svchostexe-virus/

Not exactly the same "virus" but worth a try

Or an easier solution use your backup either clone or image of your system. Nobody uses a music production pc online without having a backup. So I take for granted that you have one.

 

Clone, then clone and when you have 2 clones make another clone.

 

it was and it worked for me now im back up to speed again

 

I was under the impression for previous posts over the years that malware NEVER makes it on to sister site. Is that where you got it from? I dont know if they can be bothered to go through it all again, but could any of the mods, olly, pirate etc confirm my thinking?

 

You mean mods at the sister site?
The Pirate is not a mod here or at the sister site; pirat is a different person.
Just saying.

 

I was refering to this site. Discussions have taken place here re the sister site no? I was sure I had seen people state that the releases on sister site were almost always clean. Thats all.

Cool, no problem. I understand they are different people, i now realise they are not a mod, just knowladgeable and helpful. Sorry. Have a nice one.

 

Last edited: Aug 15, 2020

Watch out! If you clone the spinning cone, you may get a cyclone!

 

@Pure Energy do you still have the original file you downloaded? If you do, and it came from sister site check your PM. I want a copy of it to run some tests because the ramifications go beyond the wfd.exe. Indeed, it will open a whole can of worms. I really doubt that it came from Team RET but if it did.... If you downloaded it from elsewhere, I am not interested.

 

That response basically answers my original question. Thanks The Pirate for all of your knowledge and input on this forum (and I dont mean just regarding the sister site and scene, just in general). Peace

 

@The Pirate, did you have a chance to check the one that is currently up on the sister? Does it behave as the OP stated? ATM I can't check it myself.. the only (sort of) helpful thing I can say is that the file is now exactly the same, as it was on 11th, when posted.
Any info much appreciated

P.S. Sorry, but I'm a bit confused - If anything that OP says is true, it should have been removed days ago..

 

I have not but will do it shortly. Whether it is true, it is not as important as if it actually came from AZ.

 

@TaxiDriver and @Pure Energy There is NOTHING wrong with the latest Melodyne as long as it is the one from AZ. NOTHING. Therefore, @Pure Energy downloaded it from elsewhere or his computer got infected from a totally different program or reason.

 

I don't think you need to mention the private sexual proclivity of a fellow member, but I concur with the rest of your statement.

 

Well, I don't know if it's right or wrong, but here my experience:

standalone asks to modify
"C:\Users\username\AppData\Roaming\Microsoft\Crypto\RSA"
and
"C:\Users\username\AppData\Roaming\Microsoft\Crypto\Keys"
folders, detected and access blocked by Avast Ransomware shield.

Same with .VST3 in host and this time Reaper.exe triggers the same above.
I renamed .VST3 in .ODD )), Reaper.exe triggers no more.
Renamed back in .VST3, Reaper again triggers and folder access blocked again.

Malwarebytes, nothing found.
USB boot in Kaspersky Rescue, nothing found.

Having said that, I didn't find W.F.D. and no strange behaviour so far.

DUH?