Genesis Pro

VST, AU, AAX, CLAP, etc. Plugin Virtual Instruments Discussion
Post Reply New Topic
RELATED
PRODUCTS Genesis Pro

Post

Thanks for the replies.
Ran it through VirusTotal:

Ad-Aware

Trojan.GenericKD.33659162
AegisLab

Trojan.Win32.Coins.i!c
ALYac

Trojan.GenericKD.33659162
Antiy-AVL

Trojan[PSW]/Win32.Coins
SecureAge APEX

Malicious
Arcabit

Trojan.Generic.D201991A
BitDefender

Trojan.GenericKD.33659162
BitDefenderTheta

Gen:NN.ZedlaF.34108.Iu4@ayS7vxei
Cylance

Unsafe
Cyren

W32/Trojan.GORH-9042
Emsisoft

Trojan.GenericKD.33659162 (B)
eScan

Trojan.GenericKD.33659162
Fortinet

W32/Coins.WEN!tr.pws
GData

Trojan.GenericKD.33659162
Jiangmin

Trojan.PSW.Coins.etf
Kaspersky

Trojan-PSW.Win32.Coins.wen
MAX

Malware (ai Score=82)
MaxSecure

Trojan.Malware.87187819.susgen
McAfee

Artemis!43BE618550EF
Microsoft

Trojan:Win32/Occamy.C
Qihoo-360

Win32/Trojan.PSW.61b
Rising

Trojan.Occamy!8.F1CD (CLOUD)
Sangfor Engine Zero

Malware
TACHYON

Trojan-PWS/W32.Coins.567808
Tencent

Malware.Win32.Gencirc.114a2e2a
TrendMicro-HouseCall

TROJ_GEN.R002H09DE20
VBA32

TrojanPSW.Coins
VIPRE

Trojan.Win32.Generic!BT
Webroot

W32.Trojan.GenKD
Zillya

Trojan.Coins.Win32.4018
Top

Post

Bitdefender, Kasperksy Trend Micro, Vipre, Webroot, all respected software.

I use Bitdefender and it's not prone to false positives although nothing is perfect. They're seeing something suspicious in the code.

Yes I know the developer says it's a false positive but is he sure ? That's the problem when you use third party sems and seps. The module was supposed to have been removed. Has it ?
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe
Top

Post

I think they are false positives. I've only used Genesis Pro for 2 Youtube videos and I recently uninstalled it.
I've seen no suspicious activity in Task Manager and I've run a scan with Malwarebytes and it finds nothing.
Top

Post

Cool story bro i am telling you...wait, this is 16 bit?
Reality is a Condition due to Lack of Weed!
Top

Post

Here's one crap that is listed above: https://malwarefixes.com/threats/trojanwin32-occamy-c/

Doesn't looks like false positive. Same for coin miners
Top

Post

eyezermusic wrote: Fri Jun 12, 2020 8:53 pm I've seen no suspicious activity in Task Manager and I've run a scan with Malwarebytes and it finds nothing.
You'll not find rootkit in Task Manager just to mention one example
Top

Post

Teksonik wrote: Fri Jun 12, 2020 5:07 pm Yes I know the developer says it's a false positive but is he sure ?
Did he support his words with any evidence (I'm not gonna read 100 pages to find the answer ;) )? Anyone can say 'it's false positive' and it's meaningless without evidence.
Top

Post

pixel85 wrote: Mon Jun 22, 2020 12:27 pm
Teksonik wrote: Fri Jun 12, 2020 5:07 pm Yes I know the developer says it's a false positive but is he sure ?
Did he support his words with any evidence (I'm not gonna read 100 pages to find the answer ;) )? Anyone can say 'it's false positive' and it's meaningless without evidence.
Hi All,

An explanation was given in this topic around the time it was flagged falsely by the AV database. But it's a big thread, so I understand nobody wants to go through them :) So I'll explain it again.

The false positive threat notification of several AV's started to happen in the last week of April. The first version of the Genesis Pro had a module build in called NEWSMODULE.SEM. It's a simple module intended to update the user with news (basically the welcome message). Whenever you would load the plugin, the Genesis Pro would connect to our server, retrieve the welcome message and display it to the user. We thought this would be a more efficient way of staying in touch with the user, rather than sending out emails. It was the only part of the plugin that connected to the outside world.

6 weeks after the launch (last week of April), several AV databases decided to flag it as a trojan. I do not have any knowledge on how a database suddenly decides it's a threat, but upon seeing that we immediately took action. The Genesis Pro is 100% safe and something like this could put people in doubt about how safe it actually is. Obviously it wasn't worth the welcome/update message. On the 2nd of May, we released an update with a lot of fixes, including deleting NEWSMODULE.SEM and anything related to it. A copy of the full patch notes + extra email with information is in the attachment of this comment.

After about 3-4 weeks (towards end of May) we noticed that some users were still reporting this virus threat. Apparently the email containing the download link, that was sent after a new purchase, still had the old installer. We thought we had changed it, but it wasn't. So we fixed it and got in touch with those customers to let them know that they can get the most updated version of the Genesis through their order history on the website.

Anyone in this thread with this issue should download the updated version of the Genesis Pro through their order history. The order page with the download link is only visible on desktop, not mobile devices.

Hope this clears up a thing or two :)
You do not have the required permissions to view the files attached to this post.
Top

Post

How is 64bit version coming it's been 6 Months? Mac Version? When adding a synthedit made plugin to the KVR database it is a common practice to list that it is made with synthedit logo in the plugin listing. There is no shame that it is made with SE...
-Committed to provide innovative technologies for multimedia.-

https://www.davidsonaudioandmultimedia.com
Top

Post

Davidson A & M wrote: Sun Jun 28, 2020 10:17 am How is 64bit version coming it's been 6 Months? Mac Version? When adding a synthedit made plugin to the KVR database it is a common practice to list that it is made with synthedit logo in the plugin listing. There is no shame that it is made with SE...
A native 64-bit/Mac of the Genesis Pro is difficult as I mentioned earlier. There are hundreds of modules that needs to be replaced. This process requires a lot of time.

I didn't add the Genesis Pro to the database and I do not know who does on KVR. I agree there is no shame in that at all. In fact if you look up all my Genesis videos on my socials, you will see that I have been showing the SE project a lot.
Top

Post

pixel85 wrote: Mon Jun 22, 2020 12:27 pm
Teksonik wrote: Fri Jun 12, 2020 5:07 pm Yes I know the developer says it's a false positive but is he sure ?
Did he support his words with any evidence (I'm not gonna read 100 pages to find the answer ;) )? Anyone can say 'it's false positive' and it's meaningless without evidence.
My SentinelOne agent is not trigging on Genesis Pro, and it would have done that if something in Genesis was doing anything fishy. So I take it it's a false positive.
i9-10900K | 128GB DDR4 | RTX 3090 | Arturia AudioFuse/KeyLab mkII/SparkLE | PreSonus ATOM/ATOM SQ | Studio One | Reason | Bitwig Studio | Reaper | Renoise | FL Studio | ~900 VSTs | 300+ REs
Top

Post

Totally uninstalled Genesis Pro, but every time i launch cubase bitdefender reacts for tmp files, NOTHING CHANGES!!!
WTF!?? HOW TO GET RID OF THAT CRAPPY MALWARE ???????????????????????
HOW TO ERASE EVERY BIT OF THAT FROM MY COMPUTER???
Top

Post

SoulState wrote: Mon Jul 13, 2020 8:09 am Totally uninstalled Genesis Pro, but every time i launch cubase bitdefender reacts for tmp files, NOTHING CHANGES!!!
WTF!?? HOW TO GET RID OF THAT CRAPPY MALWARE ???????????????????????
HOW TO ERASE EVERY BIT OF THAT FROM MY COMPUTER???
Hi SoulState,

Apologies that this happened to you, but like I explained above it’s not malware. I still do not know why on earth AV database’s decided to label it as such. If your bitdefender keeps getting triggered when starting Cubase, is it an option to quarantine or delete the specific file in your Cubase temp folder?

You could also try to search manually for “newsmodule.sem” file and delete it.
Top

Post

NextGen wrote: Mon Jul 13, 2020 11:19 am
SoulState wrote: Mon Jul 13, 2020 8:09 am Totally uninstalled Genesis Pro, but every time i launch cubase bitdefender reacts for tmp files, NOTHING CHANGES!!!
WTF!?? HOW TO GET RID OF THAT CRAPPY MALWARE ???????????????????????
HOW TO ERASE EVERY BIT OF THAT FROM MY COMPUTER???
Hi SoulState,

Apologies that this happened to you, but like I explained above it’s not malware. I still do not know why on earth AV database’s decided to label it as such. If your bitdefender keeps getting triggered when starting Cubase, is it an option to quarantine or delete the specific file in your Cubase temp folder?

You could also try to search manually for “newsmodule.sem” file and delete it.

I know what is it not a virus or malware actually, but somehow it working like that, because i deleted all *.sem files, but it won't help.
I launch cubase, and Bitdefender blocks *.tmp files created in c:/windows/temp folder, and in the infinite cycle there is countless new tmp files with different names appearing (like tmp0005f295), so i just can't exclude one from quarantine by filename. After a few seconds it's destroying all free space on drive C:
All tmp files weight 555 kb and has reference to oz-soft website inside.
Why the hell this happen? I deleted ANY files, that belong to genesis pro, including all the SEM's!

And moreover, after i close cubase - it's continue generating these files in the cycle, for some time, but not as fast as with cubase

Seems like bitdefender trying to block these tmp files, and some process create new files after old is blocked in infinite loop.
Main problem i can't see what process or module creating them, since i deleted all files that belongs to Genesis Pro...
Top

Post

Ok i have the news, thats all going periodically, when i don't launch any cubase at all.
That behaviour is exactly like virus or malware.
What process in genesis installer responsible to it? (as i say i uninstalled and deleted all related to genesis )
Do you distribute viruses?
Top
Post Reply

Return to “Instruments”