Nexus 3 warning after latest Windows update

Discussion in 'Software' started by Stuck In The 80s, Aug 12, 2021.

  1. Stuck In The 80s

    Stuck In The 80s Rock Star

    Joined:
    Jul 29, 2019
    Messages:
    526
    Likes Received:
    310
    Anyone else get this message after the latest windows update?

     

    Attached Files:

  2.  
  3. homer_simpson

    homer_simpson Platinum Record

    Joined:
    Jan 21, 2014
    Messages:
    355
    Likes Received:
    167
    Location:
    Poland
    even before update was that warning from different security apps....
     
  4. Stuck In The 80s

    Stuck In The 80s Rock Star

    Joined:
    Jul 29, 2019
    Messages:
    526
    Likes Received:
    310
    no.. the other antivirus say nothing found (malwarebytes and kaspersky)
     
  5. BEAT16

    BEAT16 Audiosexual

    Joined:
    May 24, 2012
    Messages:
    9,082
    Likes Received:
    6,990
  6. DJK

    DJK Rock Star

    Joined:
    Nov 23, 2017
    Messages:
    1,059
    Likes Received:
    490
    Location:
    felixstowe england
    windows defender keeps flagging this as a trojan, i am not sure why,if it was a .exe file then i can understand the worry, but its a .dll which is only active when using nexus 3, maybe others can put some light on this.
     
    Last edited: Aug 12, 2021
  7. BEAT16

    BEAT16 Audiosexual

    Joined:
    May 24, 2012
    Messages:
    9,082
    Likes Received:
    6,990
    It depends on where you downloaded Nexus 3. With the Chinese sources they have probably packed a Trojaner with them. So please download from the Sister website and not from dubious sources. He doesn't have the virus alert on C: / but on D: / (see the photo of him in the file attachment).
     
    Last edited: Aug 12, 2021
    • Dislike Dislike x 1
    • Disagree Disagree x 1
    • Useful Useful x 1
    • List
  8. Hennessey

    Hennessey Platinum Record

    Joined:
    Sep 10, 2016
    Messages:
    554
    Likes Received:
    279
    Location:
    Eastern Europe
    I was sceptical to, but as far as I know that is because the code in dll is obfuscated to protect crack code from alternating it. So Windows defender and other AV maybe sees that as a virus because of that. BTW, you have on the sister site more recent version Nexus 3.4.4. So you should download that version just in case.

    From point of view with Kaspersky there is nothing to worry about, and that is the most reliable AV in the market, so yes I can say that is clean.
    Malwarebytes says nothing, as HItman pro and HItman alert, so don't worry, just download from sister site another version.
     
    • Useful Useful x 2
    • Like Like x 1
    • Agree Agree x 1
    • List
  9. Stuck In The 80s

    Stuck In The 80s Rock Star

    Joined:
    Jul 29, 2019
    Messages:
    526
    Likes Received:
    310
    It seems to no longer be on the sister site?:dunno:
     
  10. keygen.exe

    keygen.exe Producer

    Joined:
    Apr 29, 2020
    Messages:
    252
    Likes Received:
    106
    You can add it as an exclusion in the windows defender.
     
  11. No Avenger

    No Avenger Moderator Staff Member

    Joined:
    Jul 19, 2017
    Messages:
    8,915
    Likes Received:
    6,112
    Location:
    Europe
    Due to a DMCA takedown request.
     
  12. BiG Pluck

    BiG Pluck Kapellmeister

    Joined:
    Jun 15, 2020
    Messages:
    179
    Likes Received:
    72
    Almost all kracks are a virus in some way.
    They have to beat out certain security protocols.
     
    • Like Like x 2
    • Agree Agree x 2
    • List
  13. wuzzle

    wuzzle Platinum Record

    Joined:
    Nov 28, 2014
    Messages:
    473
    Likes Received:
    265
    Location:
    Lesser Galactic Co-ordinates: Earth (0.0.0)
    Companies and even users have the option of sending in hashes of the cracked files to the AV companies to so they get tagged.

    one example would be https://www.virustotal.com/gui/home/upload The thing is, it doesn't need to be an actual virus.
     
  14. keygen.exe

    keygen.exe Producer

    Joined:
    Apr 29, 2020
    Messages:
    252
    Likes Received:
    106
    Not really a virus, they just have the aspect of a virus, but they are harmless, at least from trusted sources.
     
  15. Talula

    Talula Rock Star

    Joined:
    Apr 22, 2018
    Messages:
    1,033
    Likes Received:
    301
    it is an old "problem" of some anti-viruses.

    in this case (if this happened after few months after installation) I think file was marked as virus because it was packed with "yoda's crypter" - packer for windows executable files (that using for viruses too). check file with another anti-viruses at virustotal.com


    P.S.
    not quite right. dll file (not only if it is a virus!) may receiving commands (and/or additional files from web), sending commands to system (or any other) files/apps/services to execute code, reading and sending any data (including data from any files), without any running host application at same time and controled in realtime mode too.
     
    • Interesting Interesting x 1
    • List
  16. clone

    clone Audiosexual

    Joined:
    Feb 5, 2021
    Messages:
    5,958
    Likes Received:
    2,528
    you are describing magic. a dll cannot execute arbitrary remote code just by sitting on a hard drive.
     
  17. Talula

    Talula Rock Star

    Joined:
    Apr 22, 2018
    Messages:
    1,033
    Likes Received:
    301
    yes, dll need a "master" process, but it is can be any process. only the one first calling of dll (also during an installation, also it can be other temp dll that setting up all components) can execute all needed commands for future. for installed dll (vst plugin) it can executing commands from joined code section right after loading dll by host application, and then redirect to original code of dll and plugin will be loaded as usual.
    I saw a lot of viruses as dll and ocx. one of them workiing as internet explorer component (can be joined and installed by user with any software installer) and loading only after user authorisation at specified address (web app), it changing value and address for money transaction (but showing user original entered data) to stole all money from account, it also sending some info to authors of virus. and it can be uninstalled by remote command from authors using running internet explorer. and this was possible more than 10 yaers ago.

    so you should update your knowledges about dll, start with main at https://en.wikipedia.org/wiki/Dynamic-link_library
     
  18. aplel1419

    aplel1419 Kapellmeister

    Joined:
    Jan 4, 2021
    Messages:
    94
    Likes Received:
    47
    The version which is/was in sister site was the original one, which originated from the chinese source. AFAIK there is no an other version. I tried the files from sister site and the original source and they both get flagged as viruses.
     
  19. Sylenth.Will.Fall

    Sylenth.Will.Fall Audiosexual

    Joined:
    Aug 21, 2015
    Messages:
    2,422
    Likes Received:
    1,640
    The best solution is never to go online with the computer you use to make music, and then to use either Shadow Defender (Or some other sandbox software) to work on a snapshot of the C drive, so no changes are ever made to it when you reboot.
     
  20. statik

    statik Audiosexual

    Joined:
    Jul 3, 2014
    Messages:
    1,516
    Likes Received:
    659
    Location:
    under your bed
    so what you're basically saying it that every single chinese cracker out there will probably insert a trojan into software only being used by a very small part of the population, the original source is infact chinese, if i'm not mistaking, and was selling this version online. yeah sounds like a great business model.

    it's totally not logical, think about it: chinese gov "we need to know if those damn musicians are making anti communism music" one of the nerds being commanded to do this "but winnie only 0.002% (yes i made this number up,could be more could be less) use this software, couldnt we better infect windows 11?" winnie "guards, execute this man for correcting me"

    is this racist paranoia or paranoid racism
     
  21. Talula

    Talula Rock Star

    Joined:
    Apr 22, 2018
    Messages:
    1,033
    Likes Received:
    301
    insert a virus can any other person from any country, not only cracker or crack team.:shalom:
     
Loading...
Similar Threads - Nexus warning latest Forum Date
normal instruments vsts (Omnisphere, electra, nexus....) vs kontakt libraries Software Mar 17, 2024
Selling Xfer Serum and ReFX Nexus 3 (refx account) Selling / Buying Feb 4, 2024
ReFX Nexus 3 Moved Library - relocate? Software Jan 3, 2024
NEXUS4 Expansion $ Purchase Selling / Buying Dec 27, 2023
Nexus user presets not working after switching systems Software Nov 2, 2023
Loading...