Malware?

Discussion in 'Lounge' started by tzzsmk, Nov 7, 2023.

  1. tzzsmk

    tzzsmk Audiosexual

    Joined:
    Sep 13, 2016
    Messages:
    3,709
    Likes Received:
    2,279
    Location:
    Heart of Europe
    Hi folks,

    from time to time, I randomly scan downloads for malware, and this recent one was quite interesting, flagging some old shares from sister site (Rational Acoustics Smaart v7.2.1.1 from 2011 or PowerISO 8.3 R2R for ex.),

    question is more academical:
    let's say (sister) site removes/replaces genuinely flawed shares with safe ones, how can a casual user know?

    and bonus question:
    let's say files can become infected/altered when stored on an end-user device, is there some kind of hash/md5/checksums at sister site?

    cheers

     
    • Interesting Interesting x 2
    • List
  2.  
  3. Hennessey

    Hennessey Platinum Record

    Joined:
    Sep 10, 2016
    Messages:
    561
    Likes Received:
    285
    Location:
    Eastern Europe
    If you download from trusted releaser, and if we talk about R2R releases, they can not be altered/infected since there is just 2 of people or 4 of them who exclusively release R2R apps and no one except them have not access to the R2R releases.
    Therefore they are safe 100% but the way they operate e.g. keygen for poweriso is always flagged as a malware even though is 100% clean, so if you download from trusted sources(people) there is no need to worry, because R2R would never do something to harm users.
    As long as we talk about R2R and trusted releasers no worry. I was worried about Native Instruments keygen flagged all the time from Kaspersky and I strongly trust Kaspersky, but it was false positive, because there was no pointed what threat , rather was flagged as generic/potentially unwanted software etc. All other AV except Kaspersky, Eset, Bitdefender, should not be used and taken as trustworthy sources.
     
    • Interesting Interesting x 2
    • Useful Useful x 2
    • List
  4. krameri

    krameri Rock Star

    Joined:
    Jul 20, 2014
    Messages:
    475
    Likes Received:
    326
    I'm no expert by any means, but keygens almost always trigger AV. It even happens on my Mac with .exe keygen files! That's funny! I sometimes wonder if it's a concerted effort by AV developers to curb piracy. But I'm no expert.
     
    • Like Like x 1
    • Agree Agree x 1
    • List
  5. Olymoon

    Olymoon Moderator

    Joined:
    Jan 31, 2012
    Messages:
    5,777
    Likes Received:
    4,446
    We dont do this, so now you know.
     
    • Like Like x 2
    • Winner Winner x 1
    • List
  6. stopped

    stopped Platinum Record

    Joined:
    Mar 22, 2016
    Messages:
    585
    Likes Received:
    209
    for rational acoustics, virustotal shows 0 hits for the keygen and 1/63 hits for the smaart7setup (and that only because it is packed)
    what are you seeing that makes you think these things have viruses? I'd be concerned that you have something infecting these things on your own PC
     
    • Interesting Interesting x 1
    • List
  7. clone

    clone Audiosexual

    Joined:
    Feb 5, 2021
    Messages:
    7,540
    Likes Received:
    3,323
    Best Answer
    \
    question 1: Often when a file is infected, removing the "virus" from a file will damage the file, to where it is useless. If there is no clean file available, the release may become junk. What you may also see are files which had undetectable malware, but some time down the road, the previously undetected is now flagged/marked infected with different new scan results.

    bonus question: this scenario is typically BS. Since we only really end up with .rar,.zip, 7zip, types of archived files, the file inside the archive generally can not be infected while inside the archive. They need to be extracted, infected, and then rolled back up. A virus which can inject itself into a compressed file inside an archive is improbable or impossible. The archives are usually not self-extracting; so until it is extracted, the file is not executable. The file to become infected has to be on the system, in some kind of uncompressed form. Since racers and couriers should not be tampering with files; the only place this infection can occur is on the crackers machine. This is why repacks suck, and a reason why Teams can become angry at re-packers. Rightfully so. The average user is not going to know something from Example Team was tampered with and the Teams release will be where the blame for any infected files will end up. (even though they started out as clean).

    When you consider this, most posts on sister site are also located on free file hosting servers; and a third degree of separation from that due to peeplink. A full scan of the entire content on the sister site would be impossible. So unless someone reports something as a virus later on, there would never be a re-scan of old files because their locations are almost "decentralized". they are definitely not stored *locally*.

    The archived file gets sent to VT in it's original compressed form, and therefore someone claiming it is some innocent mistake that just secretly happened with the file on their computer is false.
     
    • Like Like x 2
    • Winner Winner x 1
    • Useful Useful x 1
    • List
  8. Atlantis84

    Atlantis84 Platinum Record

    Joined:
    Nov 26, 2021
    Messages:
    679
    Likes Received:
    293
    been knowing you for a while one of the very cool peeps one of my favorite people to be direct i met on here one of the first i met on here but don't for a second start thinking like the other guys been thinking about this site having malware on they software and keygens don't even do it .....all type of downloads been setting off triggers for years now all of sudden it's a big deal this is a cracked site we use keygens and softwares for years u have to understand download at your own risk this site is very well trusted and have a good reputation of having good downloads thats just what it is nothing else after that i can't change nothing u cant either or anybody else .... if yall don't listen u going to keep making threads about malware on this site i know how shit spreads aint nothing wrong u been downloading from this site before i even knew this site existed and you never had no issues so u know bro @tzzsmk you safe here and you know it ...
     
    Last edited: Nov 8, 2023
  9. Atlantis84

    Atlantis84 Platinum Record

    Joined:
    Nov 26, 2021
    Messages:
    679
    Likes Received:
    293
    what im saying don't give people the space to even talk about this shit don't even entertain the malware title because they going to try to make this site look bad like we don't give a shit about people and as if we allow uploaders from Audioz to mess they computers up @tzzsmk
     
    Last edited: Nov 8, 2023
    • Interesting Interesting x 1
    • List
  10. RachProko

    RachProko Producer

    Joined:
    Sep 25, 2022
    Messages:
    277
    Likes Received:
    144
    I think you still need to remain objective and vigilant about possible infected files. No one site can completely guarantee that it's completely clean! Yes, the sister site is most likely the best around today. But is it truly infallible? Actually, nothing is!
     
    • Like Like x 1
    • Agree Agree x 1
    • List
  11. tzzsmk

    tzzsmk Audiosexual

    Joined:
    Sep 13, 2016
    Messages:
    3,709
    Likes Received:
    2,279
    Location:
    Heart of Europe
    I apologize if my words look like shedding bad light or disrespecting sister site, that's completely apart from my intention,
    you know I'm usually honest, so better ask than doubt :mates:

    I'm just curious on technical/academic matter, and @clone pretty much explained perfectly, thanks!

    broken/shady releases do get removed (and that is a good thing): https://audiosex.pro/threads/audio-modeling.72478/


    just one last question: would it make any sense (for a sister site, uploaders...) to password-protect archives to increase their security/integrity, or it's worthless additional step?
     
    Last edited: Nov 8, 2023
  12. Olymoon

    Olymoon Moderator

    Joined:
    Jan 31, 2012
    Messages:
    5,777
    Likes Received:
    4,446
    I was aswering to this:
    He unfortunately mixed to many thing in this sentence...
    We dont modify / replace the releases.

    But yes we remove the bad ones, which generally are not signed by any team.
     
Loading...
Loading...