Virus Alert!

Silver · Aug 8, 2016

Becareful someone is spreading viruses with the game packages. I just found that yesterday some virus called mayweather which uses TOR installed in my system. It came to my system yesterday.

Buffalo Fred · Aug 8, 2016

Yikes, sorry about the virus.

How sure are you it's from one of these games, and if so, could you narrow down the culprit? Just did a scan and didn't find any on my system.

F95 · Aug 8, 2016

Silver said:
mayweather

Fake alerts

Which Antivirus are you using?

Silver · Aug 8, 2016

Buffalo Fred said:
Yikes, sorry about the virus.

How sure are you it's from one of these games, and if so, could you narrow down the culprit? Just did a scan and didn't find any on my system.

I use Malwarebyte. I don't think every game spreads viruses, I think certain people in here may secretly embed viruses among their releases. I notice that not all games are coming from F95, some random users upload them too. I am sure it came from one of the games I downloaded here, because I didn't download anything recently from other places.

Silver · Aug 8, 2016

F95 said:
Fake alerts
Which Antivirus are you using?

It's not a false alert, I found this in the "startup" tab in the task manager. It shows something called mayweather which automatically opens when the system starts, it has this TOR files in a sub folder. I found that they installed there in yesterday. I think it's better someone checks the releases if they are coming from untrusted people, once they are trusted enough let them upload without going through the verification process.

Silver · Aug 8, 2016

These are the games I downloaded yesterday

A3D02_Ayako_Sex-Addiction_ENGLISH_UNCENSORED_v1-3
TDLT_win
Alansya Chronicles - Fleeting Iris

I suspect "A3D02_Ayako_Sex-Addiction_ENGLISH_UNCENSORED_v1-3" might be the culprit. I remember it's uploaded by someone called
EEEEEEEEEEEEEEEEEEEEE
and it's hosted in some russian host.

You must be registered to see the links

Silver · Aug 8, 2016

Please check whether you have this file or not. Make sure to use your username as "User"
C:\Users\User\AppData\Roaming\MetaData\sys6nt.exe
It also has a subfolder which has TOR files, it runs along with this executable. I am not sure it's catchable through an antivirus guard.

EDIT:
I Found in the Kaspersky forum something like this.

begin
TerminateProcessByName('C:\Users\User\AppData\Roaming\MetaData\sys6nt.exe');
QuarantineFile('C:\Users\User\AppData\Roaming\MetaData\sys6nt.exe','');
DeleteFile('C:\Users\User\AppData\Roaming\MetaData\sys6nt.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','utcsvc');
ExecuteSysClean;
RebootWindows(true);
end.

and I found the exact files were in my system.
I found this
HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','utcsvc
through Malwarebyte

Ragnar · Aug 8, 2016

Some QSP files has a Trojan, the program used in those Russian games with rl photos, they found it in the TFGamesite not long ago.

muttdoggy · Aug 9, 2016

I'm glad you had it under control. I didn't download either of those 2 but I have downloaded the QSP games and I always double check them.

ann · Aug 9, 2016

I would highly advice using a program called

You must be registered to see the links

when dealing with executables that shouldn't be trusted. It creates an extra layer of protection against malicious software by containing their hard drive write access into an isolated sandbox environment. This environment looks like the real deal for the executable, so most software should work fine with it unless they are doing some very low level things. Even installable programs should work just fine. Pretty much only thing that hasn't worked well for me has been Oculus Rift games, and I would assume installing drivers would be a bad idea. Oh, and Sandboxie is free for personal use, so there really isn't any reason to not use it.

ILikeSkyrimALot · Aug 9, 2016

ann said:
I would highly advice using a program called
You must be registered to see the links
when dealing with executables that shouldn't be trusted. It creates an extra layer of protection against malicious software by containing their hard drive write access into an isolated sandbox environment. This environment looks like the real deal for the executable, so most software should work fine with it unless they are doing some very low level things. Even installable programs should work just fine. Pretty much only thing that hasn't worked well for me has been Oculus Rift games, and I would assume installing drivers would be a bad idea. Oh, and Sandboxie is free for personal use, so there really isn't any reason to not use it.

You can use a virtual machine too, like Virtual Box. It's always good to test files from untrusted sources.

Anyway, thanks for the warning.

Silver · Aug 9, 2016

ann said:
I would highly advice using a program called
You must be registered to see the links
when dealing with executables that shouldn't be trusted. It creates an extra layer of protection against malicious software by containing their hard drive write access into an isolated sandbox environment. This environment looks like the real deal for the executable, so most software should work fine with it unless they are doing some very low level things. Even installable programs should work just fine. Pretty much only thing that hasn't worked well for me has been Oculus Rift games, and I would assume installing drivers would be a bad idea. Oh, and Sandboxie is free for personal use, so there really isn't any reason to not use it.

It's not still safe, It can read our data , though it can't execute any commands to write to the hard drive.

ann · Aug 9, 2016

Silver said:
It's not still safe, It can read our data , though it can't execute any commands to write to the hard drive.

Yeah, it's pretty much just an extra layer of protection. You still shouldn't run anything that you know to be malicious for sure.

Privatized Roads · Aug 11, 2018

Ive noticed more malicious stuff coming up recently when I put them through a scanner (Virus Total).

I Scanned the Void link for a
NanoLess Collection [Patreon] [NanoLess]
and this is what I got.

rick4691 · Aug 11, 2018

ann said:
I would highly advice using a program called
You must be registered to see the links
when dealing with executables that shouldn't be trusted. It creates an extra layer of protection against malicious software by containing their hard drive write access into an isolated sandbox environment. This environment looks like the real deal for the executable, so most software should work fine with it unless they are doing some very low level things. Even installable programs should work just fine. Pretty much only thing that hasn't worked well for me has been Oculus Rift games, and I would assume installing drivers would be a bad idea. Oh, and Sandboxie is free for personal use, so there really isn't any reason to not use it.

The irony. Sandboxie is spyware itself. Use Virtualbox or VMware. Both are free.

ann · Aug 11, 2018

rick4691 said:
Sandboxie is spyware itself

Source for this information?

Deleted member 247635 · Sep 3, 2019

I would use ("MRT") to check and see if your system files are infected.

CUNT1337 · Nov 2, 2019

Just found this site, and every file I downloaded and scanned was infected...

You must be registered to see the links

Stronkboi · Nov 2, 2019

CUNT1337 said:
Just found this site, and every file I downloaded and scanned was infected...

I HIGHLY doubt it's due to the files.

Daxter250 · Nov 2, 2019

i already was at fucking full alert, thinking, that a new virus (that mayweather) is on the run... but that thread is from fucking 2016!

god dammit (§/&"%!% i already wanted to share this infos some other guys so they can check their systems.

Virus Alert!

Regular

Active Member

Administrator

Regular

Regular

Regular

Regular

Super User

Dogerator

Newbie

Member

Regular

Newbie

New Member

Newbie

Newbie

Member

New Member

Active Member

Forum Fanatic