Shame on them - no touching allowed!

Seriously speaking that's why I always make my own "manual" installers in a VM. Because you never know, but mostly because I hate seeing 666 programs/plugins installed in "Programs and Features". Thankfully, VR makes great installers, but I still do mine to be able to choose what files to install.

 

Is it possible that one of these uploaders: makaveli, hidera, deuces, alexfduch, Xaudios, HATSHEPSUT packed a virus in?

In theory, you would have to download all of them and then do a virus check.
Request for correction - was just an idea. Because I have the virus Win32 / Wacapew.C! Ml found in the file!

 

I'm currently demoing the Fast Equilizer on mac and I've gotta say, I think it's pretty impressive as far as the implementation of AI and usefulness is concerned. Looks like a simplified version of Sonibles Smart EQ3

 

Last edited: Aug 19, 2021

Try to uninstall it and see if its affecting your purple plugin. lol

 

Thanks for this message.
This is what im talking about. Something is not ok with the installer.

 

HA is mostly professional tool for RE experts. You can't just look at some scary words like "touches files in the Windows directory" or "identified as malicious" and say that there are viruses inside. You can see reason why files in the Windows directory was touched: just for API calls like any other software. And you can even upload any R2R installer and will see same warnings.

 

"...usually i get my stuff from sister site or the russians." is NOT good enough.
The fact that you are not sure where you got it calls your competence into question and makes your anecdotal experience nearly worthless.

You should be documenting origins of every piece of software.
A simple copy/paste of link in text with date is all that's needed and you'll know where and when each came from.

There are a bunch of people who have installed this and no reports on sister site.
Plenty of comments on Russian site but again, no mention of any virus ,etc, false positive or not.

In my 5 years or so using watching this site and sister site, i have only heard of ONCE that a virus got uploaded in some package for a short time before being removed.
Warnings are fine, but to say you have lost trust in VR due to this?
Seems like you should have lost faith in yourSELF, if you can't identify where you got it.
If you have recent system backups +1 faith in yourself.

So, we will see if anyone else can verify your symptoms from a KNOWN sister site download, or even a Russian download.

 

Who the hell tracks and writes down all their downloads. I download a bunch of stuff and many times leave it in the folder.
Sometimes you just forget what you have downloaded, may take weeks before you try something.
Yes, i have sort of lost trust in his releases after this, what do you care what my personal stance is, are you the gate keeper of my hdds?
I have plenty of competence to know something is not alright, have been doing this for a long time.
But i question your competence in reading things trough, because there was at least one more member in this thread who confirmed the same thing happened to him as well.

 

Why are people so surprised by this. Even R2R mentioned here and there that some of the software was not properly cracked by v.r

I thought things trough and how i got it and i excluded the Russian source because it was in a destination that is reserved for direct downloads, not torrents, so i got it from the sister site.

Could be its not a trojan, i immediately deleted the file and restored the pc, didnt risk by going into safe mode to analyze the file, as the threat of losing my HDD was the biggest issue and time was not on my side.
Whatever it is it can still seriously mess up your essential directories. People should know there are certain risks involved.

 

In order to present themselves better, arrogant people often disparage their fellow human beings. They do this not only with their demeanor, but also clearly with their words. Because blasphemy is the arrogant's specialty. He takes every opportunity to speak condescendingly and judge others. Although he is incapable of criticism himself, he has no problem judging others. This behavior in particular makes him unpopular with many.

Arrogant people not only ignore advice, they always want to assert their own opinion. They always have to have the last word in discussions. They devalue the opinions of others, even if, viewed objectively, they would make more sense. However, they do not want to admit defeat, as this in turn would affect their lack of self-esteem.

 

Thank you @ArcticStorm for the explanations and information. The question remains "Why" Windows Defender "classifies the file" Focusrite Fast "as malware and the message" Program: Win32 / Wacapew.C! Ml "is displayed!

 

Last edited: Aug 19, 2021

What software do you use to create an installation profile and capture the installation process?

 

Windows Defender doesn't find anything in the .rar's I have downloaded. I've tested a couple of links each from Sunny, hidera and makaveli so far, but I don't have the patience to test every single link from all of the uploaders.

 

The "Ml" at the end of the name of the "malicious" program means that it was detected by machine learning (ML.NET), this often gives false positives on cracks, keygens, etc.

 

Thank You @jarredou for this information.

 

I've had the FAST bundle installed since it was released and I just re-installed it with one of the .rar's I downloaded today to see if anything happens, and it does fuck up your Visual C++. I guess it's the same as what happened with V.R's Arturia FX bundle installer. Nothing harmful though, you just need to re-install the Visual packages and everything is fine.

Running a total virus scan right now just to be sure, but I don't expect it to find anything.

 

Thank You @Arabian_jesus for the useful information !

 

Although this reply of yours was not to me (this is my first and only comment I will leave in this thread). I want to use your words to point something out to you and others here. When you say "Who the hell tracks and writes down all their downloads".. it clearly indicates you are in question of where you even downloaded it from. Let's say if the sister site was the "only" place you downloaded this type of content from, there would be no lack of knowledge where you got it from.

You say you've been doing this a long time.. so no pun intended. But let me tell you something. Unlike R2R's custom installers.. V.R's custom installers are almost never encrypted which makes them super easy to unpack with even the most basic tools like innoextract, etc. V.R's installers are friendly for users who want to unpack them and for example: remove all the AAX drivers, 32 and 64bit VST2's, user manuals, foreign language docs, vcred apps you already have installed on your system, etc. because you only want the 64bit VST3. Then you repack the installers, and now all of your V.R installers may only be 1/3 of their original size if you want to hold on to them. And yes, on the flip side it's just as easy to unpack a V.R installer, add a "Wacapew.C" file to it, and close it back up. That's all that needs to be said.

I took a look inside, and there is no "Wacapew.C" in V.R's release on the sister site, or that pertains to RET Ambi Bundle keygen as mentioned by someone else. "Doing this a long time" doesn't make any of us error-free. You still made the mistake of downloading from some untrusted source/torrent/etc. and not examining it's contents prior to installing it.