Genesis Pro
-
- KVRer
- 2 posts since 24 Dec, 2018
Thanks for the replies.
Ran it through VirusTotal:
Ad-Aware
Trojan.GenericKD.33659162
AegisLab
Trojan.Win32.Coins.i!c
ALYac
Trojan.GenericKD.33659162
Antiy-AVL
Trojan[PSW]/Win32.Coins
SecureAge APEX
Malicious
Arcabit
Trojan.Generic.D201991A
BitDefender
Trojan.GenericKD.33659162
BitDefenderTheta
Gen:NN.ZedlaF.34108.Iu4@ayS7vxei
Cylance
Unsafe
Cyren
W32/Trojan.GORH-9042
Emsisoft
Trojan.GenericKD.33659162 (B)
eScan
Trojan.GenericKD.33659162
Fortinet
W32/Coins.WEN!tr.pws
GData
Trojan.GenericKD.33659162
Jiangmin
Trojan.PSW.Coins.etf
Kaspersky
Trojan-PSW.Win32.Coins.wen
MAX
Malware (ai Score=82)
MaxSecure
Trojan.Malware.87187819.susgen
McAfee
Artemis!43BE618550EF
Microsoft
Trojan:Win32/Occamy.C
Qihoo-360
Win32/Trojan.PSW.61b
Rising
Trojan.Occamy!8.F1CD (CLOUD)
Sangfor Engine Zero
Malware
TACHYON
Trojan-PWS/W32.Coins.567808
Tencent
Malware.Win32.Gencirc.114a2e2a
TrendMicro-HouseCall
TROJ_GEN.R002H09DE20
VBA32
TrojanPSW.Coins
VIPRE
Trojan.Win32.Generic!BT
Webroot
W32.Trojan.GenKD
Zillya
Trojan.Coins.Win32.4018
Ran it through VirusTotal:
Ad-Aware
Trojan.GenericKD.33659162
AegisLab
Trojan.Win32.Coins.i!c
ALYac
Trojan.GenericKD.33659162
Antiy-AVL
Trojan[PSW]/Win32.Coins
SecureAge APEX
Malicious
Arcabit
Trojan.Generic.D201991A
BitDefender
Trojan.GenericKD.33659162
BitDefenderTheta
Gen:NN.ZedlaF.34108.Iu4@ayS7vxei
Cylance
Unsafe
Cyren
W32/Trojan.GORH-9042
Emsisoft
Trojan.GenericKD.33659162 (B)
eScan
Trojan.GenericKD.33659162
Fortinet
W32/Coins.WEN!tr.pws
GData
Trojan.GenericKD.33659162
Jiangmin
Trojan.PSW.Coins.etf
Kaspersky
Trojan-PSW.Win32.Coins.wen
MAX
Malware (ai Score=82)
MaxSecure
Trojan.Malware.87187819.susgen
McAfee
Artemis!43BE618550EF
Microsoft
Trojan:Win32/Occamy.C
Qihoo-360
Win32/Trojan.PSW.61b
Rising
Trojan.Occamy!8.F1CD (CLOUD)
Sangfor Engine Zero
Malware
TACHYON
Trojan-PWS/W32.Coins.567808
Tencent
Malware.Win32.Gencirc.114a2e2a
TrendMicro-HouseCall
TROJ_GEN.R002H09DE20
VBA32
TrojanPSW.Coins
VIPRE
Trojan.Win32.Generic!BT
Webroot
W32.Trojan.GenKD
Zillya
Trojan.Coins.Win32.4018
- KVRAF
- 18608 posts since 16 Sep, 2001 from Las Vegas,USA
Bitdefender, Kasperksy Trend Micro, Vipre, Webroot, all respected software.
I use Bitdefender and it's not prone to false positives although nothing is perfect. They're seeing something suspicious in the code.
Yes I know the developer says it's a false positive but is he sure ? That's the problem when you use third party sems and seps. The module was supposed to have been removed. Has it ?
I use Bitdefender and it's not prone to false positives although nothing is perfect. They're seeing something suspicious in the code.
Yes I know the developer says it's a false positive but is he sure ? That's the problem when you use third party sems and seps. The module was supposed to have been removed. Has it ?
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe
-
- KVRer
- 29 posts since 4 Jul, 2018
I think they are false positives. I've only used Genesis Pro for 2 Youtube videos and I recently uninstalled it.
I've seen no suspicious activity in Task Manager and I've run a scan with Malwarebytes and it finds nothing.
I've seen no suspicious activity in Task Manager and I've run a scan with Malwarebytes and it finds nothing.
- KVRian
- 1339 posts since 25 Sep, 2011 from New York
Cool story bro i am telling you...wait, this is 16 bit?
Reality is a Condition due to Lack of Weed!
-
- KVRAF
- 1863 posts since 11 Apr, 2008
Here's one crap that is listed above: https://malwarefixes.com/threats/trojanwin32-occamy-c/
Doesn't looks like false positive. Same for coin miners
Doesn't looks like false positive. Same for coin miners
-
- KVRAF
- 1863 posts since 11 Apr, 2008
You'll not find rootkit in Task Manager just to mention one exampleeyezermusic wrote: ↑Fri Jun 12, 2020 8:53 pm I've seen no suspicious activity in Task Manager and I've run a scan with Malwarebytes and it finds nothing.
-
- KVRAF
- 1863 posts since 11 Apr, 2008
-
- KVRist
- Topic Starter
- 57 posts since 14 Jan, 2008
Hi All,
An explanation was given in this topic around the time it was flagged falsely by the AV database. But it's a big thread, so I understand nobody wants to go through them So I'll explain it again.
The false positive threat notification of several AV's started to happen in the last week of April. The first version of the Genesis Pro had a module build in called NEWSMODULE.SEM. It's a simple module intended to update the user with news (basically the welcome message). Whenever you would load the plugin, the Genesis Pro would connect to our server, retrieve the welcome message and display it to the user. We thought this would be a more efficient way of staying in touch with the user, rather than sending out emails. It was the only part of the plugin that connected to the outside world.
6 weeks after the launch (last week of April), several AV databases decided to flag it as a trojan. I do not have any knowledge on how a database suddenly decides it's a threat, but upon seeing that we immediately took action. The Genesis Pro is 100% safe and something like this could put people in doubt about how safe it actually is. Obviously it wasn't worth the welcome/update message. On the 2nd of May, we released an update with a lot of fixes, including deleting NEWSMODULE.SEM and anything related to it. A copy of the full patch notes + extra email with information is in the attachment of this comment.
After about 3-4 weeks (towards end of May) we noticed that some users were still reporting this virus threat. Apparently the email containing the download link, that was sent after a new purchase, still had the old installer. We thought we had changed it, but it wasn't. So we fixed it and got in touch with those customers to let them know that they can get the most updated version of the Genesis through their order history on the website.
Anyone in this thread with this issue should download the updated version of the Genesis Pro through their order history. The order page with the download link is only visible on desktop, not mobile devices.
Hope this clears up a thing or two
You do not have the required permissions to view the files attached to this post.
-
Davidson A & M Davidson A & M https://www.kvraudio.com/forum/memberlist.php?mode=viewprofile&u=409245
- KVRist
- 76 posts since 3 Dec, 2017 from Niwot, CO
How is 64bit version coming it's been 6 Months? Mac Version? When adding a synthedit made plugin to the KVR database it is a common practice to list that it is made with synthedit logo in the plugin listing. There is no shame that it is made with SE...
-Committed to provide innovative technologies for multimedia.-
https://www.davidsonaudioandmultimedia.com
https://www.davidsonaudioandmultimedia.com
-
- KVRist
- Topic Starter
- 57 posts since 14 Jan, 2008
A native 64-bit/Mac of the Genesis Pro is difficult as I mentioned earlier. There are hundreds of modules that needs to be replaced. This process requires a lot of time.Davidson A & M wrote: ↑Sun Jun 28, 2020 10:17 am How is 64bit version coming it's been 6 Months? Mac Version? When adding a synthedit made plugin to the KVR database it is a common practice to list that it is made with synthedit logo in the plugin listing. There is no shame that it is made with SE...
I didn't add the Genesis Pro to the database and I do not know who does on KVR. I agree there is no shame in that at all. In fact if you look up all my Genesis videos on my socials, you will see that I have been showing the SE project a lot.
- KVRAF
- 2341 posts since 28 Feb, 2015
My SentinelOne agent is not trigging on Genesis Pro, and it would have done that if something in Genesis was doing anything fishy. So I take it it's a false positive.
i9-10900K | 128GB DDR4 | RTX 3090 | Arturia AudioFuse/KeyLab mkII/SparkLE | PreSonus ATOM/ATOM SQ | Studio One | Reason | Bitwig Studio | Reaper | Renoise | FL Studio | ~900 VSTs | 300+ REs
-
- KVRist
- 186 posts since 30 Dec, 2008
Totally uninstalled Genesis Pro, but every time i launch cubase bitdefender reacts for tmp files, NOTHING CHANGES!!!
WTF!?? HOW TO GET RID OF THAT CRAPPY MALWARE ???????????????????????
HOW TO ERASE EVERY BIT OF THAT FROM MY COMPUTER???
WTF!?? HOW TO GET RID OF THAT CRAPPY MALWARE ???????????????????????
HOW TO ERASE EVERY BIT OF THAT FROM MY COMPUTER???
-
- KVRist
- Topic Starter
- 57 posts since 14 Jan, 2008
Hi SoulState,
Apologies that this happened to you, but like I explained above it’s not malware. I still do not know why on earth AV database’s decided to label it as such. If your bitdefender keeps getting triggered when starting Cubase, is it an option to quarantine or delete the specific file in your Cubase temp folder?
You could also try to search manually for “newsmodule.sem” file and delete it.
-
- KVRist
- 186 posts since 30 Dec, 2008
NextGen wrote: ↑Mon Jul 13, 2020 11:19 amHi SoulState,
Apologies that this happened to you, but like I explained above it’s not malware. I still do not know why on earth AV database’s decided to label it as such. If your bitdefender keeps getting triggered when starting Cubase, is it an option to quarantine or delete the specific file in your Cubase temp folder?
You could also try to search manually for “newsmodule.sem” file and delete it.
I know what is it not a virus or malware actually, but somehow it working like that, because i deleted all *.sem files, but it won't help.
I launch cubase, and Bitdefender blocks *.tmp files created in c:/windows/temp folder, and in the infinite cycle there is countless new tmp files with different names appearing (like tmp0005f295), so i just can't exclude one from quarantine by filename. After a few seconds it's destroying all free space on drive C:
All tmp files weight 555 kb and has reference to oz-soft website inside.
Why the hell this happen? I deleted ANY files, that belong to genesis pro, including all the SEM's!
And moreover, after i close cubase - it's continue generating these files in the cycle, for some time, but not as fast as with cubase
Seems like bitdefender trying to block these tmp files, and some process create new files after old is blocked in infinite loop.
Main problem i can't see what process or module creating them, since i deleted all files that belongs to Genesis Pro...
-
- KVRist
- 186 posts since 30 Dec, 2008
Ok i have the news, thats all going periodically, when i don't launch any cubase at all.
That behaviour is exactly like virus or malware.
What process in genesis installer responsible to it? (as i say i uninstalled and deleted all related to genesis )
Do you distribute viruses?
That behaviour is exactly like virus or malware.
What process in genesis installer responsible to it? (as i say i uninstalled and deleted all related to genesis )
Do you distribute viruses?