Something bad is happening !!! SOLVED!

Discussion in 'Lounge' started by Hennessey, Oct 7, 2019.

  1. Gyro Gearloose

    Gyro Gearloose Audiosexual

    Joined:
    Jul 8, 2019
    Messages:
    4,234
    Likes Received:
    1,849
    Location:
    Germany
    There is nothing you can do against that, other than use a very old PC... Also, when a highly advanced IT nerd knows your IP or your network stuff, you can do nothing.
    AV apps are a joke for private users like us... pure fraud... false positives... just look at VirusTotal... 22 different signatures on 1 file.

    AVG is very good at this... also, CPU usage indicates nothing reliable.
     
    Last edited: Oct 8, 2019
  2. Sinus Well

    Sinus Well Audiosexual

    Joined:
    Jul 24, 2019
    Messages:
    2,119
    Likes Received:
    1,629
    Location:
    Sanatorium
    That's right. I have no AV except Windows Defender. I don't need one. Windows has its own tools to control what a program does. My favorite tool is called the Windows console :winker:
     
  3. sms2000

    sms2000 Ultrasonic

    Joined:
    May 18, 2019
    Messages:
    87
    Likes Received:
    27
    This thread is going completely political, to nowhere. Shut it down now.
     
  4. Lois Lane

    Lois Lane Audiosexual

    Joined:
    Jan 16, 2019
    Messages:
    4,893
    Likes Received:
    4,813
    Location:
    Somewhere Over The Rainbow
    Always wear a condom when fucking around with unreliable sources, or to be even safer, don't diddle at all, just don't install.

  5. Gyro Gearloose

    netstat -ano
    Task Manager / Process Explorer
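
The `netstat -ano` check suggested in the post above, as an added example that is not part of the original thread: a Python sketch that parses the command's output and groups established connections to non-local addresses, and listeners bound to all interfaces, by PID. The sample output is constructed (documentation-range addresses, made-up PIDs), and the function names are this example's own.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of Windows `netstat -ano` output (not from the thread).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:49670          0.0.0.0:0              LISTENING       6120
  TCP    127.0.0.1:5354         127.0.0.1:49701        ESTABLISHED     2044
  TCP    192.168.1.20:49812     203.0.113.45:443       ESTABLISHED     6120
  TCP    192.168.1.20:49813     198.51.100.7:8080      ESTABLISHED     6120
  TCP    192.168.1.20:49820     192.168.1.1:445        TIME_WAIT       0
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    1888
"""
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def split_endpoint(ep):
    host, _, port = ep.rpartition(":")      # last colon, so IPv6 "[::]:445" works
    return host.strip("[]"), port

def parse_netstat(text):
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0] not in ("TCP", "UDP") or not f[-1].isdigit():
            continue                        # banner, header or malformed line
        state = f[3] if len(f) == 5 else "" # UDP rows have no State column
        rows.append({"proto": f[0], "local": f[1], "remote": f[2],
                     "state": state, "pid": int(f[-1])})
    return rows

def is_external(host):
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:                      # "*" or anything that is not an address
        return False
    if ip.is_loopback or ip.is_link_local or ip.is_unspecified:
        return False
    return not any(ip.version == 4 and ip in net for net in RFC1918)

def group_by_pid(rows, keep, field):
    out = defaultdict(set)
    for r in rows:
        if keep(r):
            out[r["pid"]].add(r[field])
    return {pid: sorted(v) for pid, v in out.items()}

def external_by_pid(rows):                  # established sessions leaving the LAN
    return group_by_pid(rows, lambda r: r["state"] == "ESTABLISHED"
                        and is_external(split_endpoint(r["remote"])[0]), "remote")

def wildcard_listeners_by_pid(rows):        # TCP listeners bound to 0.0.0.0 or ::
    return group_by_pid(rows, lambda r: r["state"] == "LISTENING"
                        and split_endpoint(r["local"])[0] in ("0.0.0.0", "::"), "local")
```

Each PID returned can then be matched to a process name and image path in Task Manager or Process Explorer, as the post suggests.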
     
  6. Gyro Gearloose

    :hillbilly::hahaha:
     
  7. Hennessey

    Hennessey Platinum Record

    Joined:
    Sep 10, 2016
    Messages:
    561
    Likes Received:
    285
    Location:
    Eastern Europe
    Hello to everyone! Well, there are so many comments and I can't answer all of them.
    But to summarize: now, at this very moment, after recovery I am clean, but yesterday I had strange behavior with Windows Explorer when I re-downloaded the Spire KG to test it. Once I deleted the affected file, that stopped immediately, so what it is I can't figure out.
    Then I downloaded the affected file again for the 4th time, just for the sake of the thread, and now everything seems to be OK...
    And I am still scared to run that Spire KG, just to test that bloody thing, even if the AV says that there is no threat.
    Like I said, I have not downloaded anything from suspicious sites. Maybe everything was a coincidence, but I don't believe in a coincidence happening twice, tbh.
    I also have stored on my PC (not downloaded, but stored) Adobe ISO files from a dude who is reliable, and I never had problems with that; his stuff didn't trigger the problem, but files from Rutra...
    Also, I have the Heidoc Windows downloader tool to get a genuine Windows 7 ISO image from MS. That site is verified by many legit users, and the site and the file itself were clean as a whistle...
    I am using a Maherz Win 7 Ultimate, which for me was never as stable as I expected, but it is at least the best one, because I do a lot of research before something gets stored on my PC, especially Windows.

    None of the files I have mentioned triggered my PC to act like a crazy bull, only the files I mentioned in the first thread.

    Like that Antares thing: I saw the thread on the sister site, and for me that was enough, then I looked on Rutra and downloaded it from there, because for me those two sites are trustworthy and not questionable when it comes to infections and so on.
    But it was the opposite; that was some kind of bad infection... DAMN!
    Luckily for me, I had not installed it at that moment, because I was too lazy to screw around with the iLok shit to install it!
    And BAM, I looked on the sister site, the thread had disappeared, and the same on Rutra, and that stopped me from testing it until some kind of report came out on why that file had stopped being distributed. At first I was thinking it was some DMCA shit, but I still waited to get more info, and after some time it was here...

    And now time for AV. For me, ESET is far better than any AV because of years of using it, and I know that when ESET reports that something is malware, then it is REAL malware. I believe it, except if it happens to be some file FROM AZ (which again is rare) and I believe that file is clean and that it is a FALSE POSITIVE, so I ignore that warning, again, because it is from AZ.
    In my past internet history I have downloaded nothing except audio apps, from the sister site and for 3 yrs from Rutra.
    I have established my audio apps heaven, so I have searched no further... For me that is more than enough!

    To add something: whenever I am not sure about something, I always use VirusTotal...

    This morning I downloaded AD drums from Rutra, even though I have the RARs from AZ on my external HDD, just to test my AV...
    And normally Avast reports some nasty Trojan on the KG, but ESET is cold as ffff...
    Then comes the most confusing thing, and that is: AVAST is not detecting the SPIRE KG at all, and from my experience with AVAST, it reports 99% of the time on any keygen it sees...
    Some day it will report bloody MS as an infection, so I don't believe in AVAST at all, but just for testing purposes, like someone suggested to me, I gave it a try again, but no no... Now I don't know what to think...

    I have noticed that after running or getting that affected file on my PC, something strange happens to ESET and its behavior changes, idk... Maybe virus gets away from virus, idk...
    Since I am not familiar with present-day threats and there was no reason to be (I was safe all the time on the sister site), I am not informed about what viruses are capable of doing...


    Yesterday I read a little bit more about malware and found out that some types of malware cannot be detected by AV and need a special kind of "treatment", so I will download some tools just to check my system...



    This thread should be a warning to all of us to stay safe from some APPS... My intention was not to mark some sites as not secure or similar. I just wanted to say that something is happening, and we have a good example with Antares Auto-Tune... I got infected, and that is the real thing, and I am saying what the last apps were that I used before the virus kicked in. And you have the screenshots in the first thread and you can see for yourself... I was not panicking, but at that moment I had more than 100 unknown processes and the number was going up, and all of them were flagged as suspicious by Acronis Ransomware Protection. And of course, an error sound every few seconds, and Windows Explorer was not in my control at all... When I tried to delete files from the affected folder (in other words, other files downloaded at that time), I got a security check asking for Admin privileges to delete those files, so if that was not a virus, then this whole thread is a conspiracy theory...

    Stay safe and thanks for helping me out with those problems....

    ------------------------------------------------------------------------------------------------------------------------

    UPDATE | I have executed the KG file again to test it, and on double click I get this window opened... That never happened before, and now all folders open like the file does on double click... NO AV detects it, and VirusTotal gives decent results, 40 detections out of 70, but the major AVs don't see it as dangerous. See screenshot 1

    All files and folders outside the DOWNLOAD folder open as they are supposed to. I can open a folder only with a right mouse click and then OPEN in the menu.
    And that happens after executing THAT file, and nothing happens on execution...
    The KG doesn't open at all. Last time I managed to properly run the KG and generate a licence file, but afterwards I had severe damage on my system, as you saw in the first post!
    The first time I didn't have ESET installed on my system, so maybe ESET blocks it but doesn't give any report...

    So please explain that to me; that never, I repeat never, happened to me, and I have a long warez download history...


    UPDATE TWO: I can open folders normally again after closing all active windows or restarting Explorer... Hmmmm, oh man, this is fucked up! And then it gives me access to run the keygen... Oh my God, I will replicate the whole situation to see what is happening...
     
    Last edited: Oct 8, 2019

  8. Gyro Gearloose

    If you want to use an AV, just use ZONER...
    I use none, just Windows Firewall Control.
     
  9. grdh20

    grdh20 Platinum Record

    Joined:
    Jan 14, 2014
    Messages:
    665
    Likes Received:
    226
    Hard to say what is happening with this, but it is common for Windows AV to flag or quarantine keygens and some cracks as malware, since to the OS it IS performing something risky, even though in reality most are just doing their little keygen jobs. In the end, all you can do is self-analyze the contents of whatever you download from wherever, read the comments and then cross your fingers, or just buy legit, or go with a Mac, which seems to be less susceptible.
     
  10. Hennessey

    For the moment I will keep crossing my fingers, and that is my ultimate solution right now... Thanks :wink::)
     
  11. Sinus Well

    That's a myth. 20 years ago I would have agreed with you, but today just as much malware is being developed for Mac architecture as for Windows systems.
     
  12. Lois Lane

    And just when you thought everything was going to be hunky dory and go back to normal...



    DON'T TOUCH IT!!!
     
  13. Hennessey

    OK, here is the deal: I have found a new clue as to where my possible problem was, and that was in AiR Music Tech Xpand!

    That is the Audioutopia XPAND, and I have it uploaded to my Google Drive so I can access it from anywhere, and I forgot to mention yesterday what the procedure was.

    1. I installed the licence generated with the Spire keygen.
    2. I started the installation of Xpand!, and at the very end of the installation I started getting errors.

    Today I downloaded that Xpand! installation, scanned it with ESET and there was no problem, but the installation was blocked like I was describing all the time; I was not able to start the app. Then I started the installation from the right-click context menu and waited. Nothing happened, and then I got a report from ESET that the file was infected and cleaned. I had trusted that installation... DAMN

    That Xpand was downloaded from Rutracker or from the sister site, I don't even remember anymore; it was released 3 yrs ago, but I can't find it anymore except a repack version on Rutra...
    And I just downloaded the repack version without even checking the status of the torrent, and an EXE file wasn't downloaded, and the torrent status is DOUBTFUL... OMG, what a cardinal mistake by me... The status of the torrent has been changed, I think, because it was a normally working torrent; I even have that installation on my external backup app HDD... So my apologies to everybody, but for sure we will need to stay safe...
     


  14. Gyro Gearloose

    ESET is not adequate...
    Don't let AV torture you with fake positives...
    The only virus was on dima's upload, without his knowledge...
    So I guess this has something to do with network stuff, ports etc.
     
  15. Hennessey

    I don't know, but this is a real nightmare, bro... like I said, I never had issues like this...
     
  16. Gyro Gearloose

    You are in a panic loop, scratching your skin apart...
    My approach is always to have a nice backup and start a new fresh OS life... it's always better than before.
     
  17. Hennessey

    I have the same thoughts, but I have to finish a project and then I will do that for sure, because I can't stand this... Once more I apologize to all members for my panicking, but well, I had good intentions before everything became a mess...

    UPDATE

    I installed the infected XPAND! from Rutracker...

    The installation file was packed with some SMARTINSTALER, so I guess it was not possible for the antivirus to extract it to be scanned.
    But once you run that installer, it first extracts all the original files from AudioUtopia and the virus into the AppData folder, where the virus's life begins, but this time luckily ESET blocked it for me.
    Last time I ran into problems because I didn't have an AV installed, so I got a mess.
    Restarts are pending because of the shitty iLok drivers, so I have to reboot the PC, and then if the problem occurs I will update my post!

    Look at the screenshot: there is one Xpand! Setup exe file of 1.6 GB, the malicious one. And the rest of the files are, I suppose, the originals from AudioUtopia, which were repacked with the virus and extracted into the AppData TEMP folder.
    That is the one file that was uploaded on Rutracker, but I will now download from AZ to see if it is the same file; if it is, I will give a tip on that post...
     
    Last edited: Oct 8, 2019


  18. Gyro Gearloose

    No need to apologize; someone is also learning something from this...
     
  19. The Observer

    The Observer Guest

    Unfortunately for everyone, no matter what walk of life they come from, there are people with malicious intent.
    A perfect example was the ransomware 'Gandcrab'.

    Any nasty malicious code affects everyone whether they buy or pirate software. As far as warning everyone, kudos to the thread author totally.

    The biggest issue facing everyone is to look at it realistically. Let's say the developer of a reputable software firm downloads a shareware tool they think will aid in their daily routines. That shareware has been infected, the developer's AV misses it (Like this thread indicates) and then the next major update has the same problem permeated to everyone downloading it. Catastrophic!

    So yes it's a problem.
     
  20. statik

    statik Audiosexual

    Joined:
    Jul 3, 2014
    Messages:
    1,535
    Likes Received:
    667
    Location:
    under your bed
    Can you give some sources for this?
     