- This topic has 45 replies, 21 voices, and was last updated 4 years, 5 months ago by
.
-
Posts
-
Hi Everyone.
As many of you are aware a MEGA space was shared between August 01 and August 03 containing many products all at once, which were labeled "BOGUS" Files, with warnings about downloading them. They ended up being downloaded and spread to every other download site, filled with added files in the /data/ folders of the installers with code in them to add and install MalWare and Viruses onto your PCs. We tried to verify this and to remove the offending files, but they managed to be shared not only in the BLOG but spread over all the other share sites.
I had some help from @legolas18 and @sonytony to find the malware files and to fix them. However, I am not sure which files now are CLEAN and which are still virus/malware installer infected.
This is the list of files that contained the images files labeled "Bogus" and another name, identifying the affected files, and the two assisting users could only identify a handful of infected files to remove.
Here are the image files inside:
In the TEXTURES folders or in the DATA folders, there are files with the date 02-08-2020, those are the common denominator in these files, here is an example of two files which throw an invalid image file error, and are identically dated on the 2nd August 2020, note all other items are from much earlier dates.
If you highlight the files listed under 02-Aug-2020 they will throw an error like this:
I would like help in either getting CLEAN INSTALLERS directly from the vendor source, or have clean files we can safely post on the blog to replace the infected ones.
Here is the list of files:
If you have any of these you PURCHASED yourself and have the original DIM installers for, please contact me, and I will make sure I get you points for these fixed products.
Your help is greatly appreciated.
AnjaBear
ModeratorAnja, considering that some of us most certainly have these files, some from here and some from somewhere else, it would be difficult who got an infected file or not just by names, although it does a great job at narrowing the suspiscious files. Has a way to test the files and possibly clean them up been found at all? And concerning the malware itself, has it been identified? 🙂
If you are using Win 10, a Defender manual quick scan should pick them up.
It did for me.
🙂I have had a Rose HD with bogus nipples from a different site, just putting that out there.
Moderator:
What did you do to resolve it? The nipples were unrelated images or what exactly?@eelgoo did it resolve EVERY issue in yours? I've tried Malwarebytes, AVG etc and got a few but not everything that @SonyTony listed in one thread.
I want to clear this crap up ASAP, it's been a thorn in my side now for a while. I could just simply let it be - but this makes our combined experience here at ZoneGFX miserable and I don't like that at all.
Anja
Well all I can say is that, whilst I found maybe half a dozen infected files I had downloaded. Defender was able to quarantine & fix the issues.
🙂So @eelgoo is the solution to get this resolved ASAP to run defender over all the installer files and let defender quarantine the files, then re-upload them with the files removed from them? And everything will work?
Or would it be safer to replace everything with REAL files from the source?
Just for safety's sake.
Anja
Well, the quick fix would be to do that.
There may be the odd missing file as a result though.
Your approach is more thorough, labour intensive & time consuming.
Personally, I am OK with my quick fix.
🙂Rank:
Please don't rely on Windows defender alone. Some of this malware may just be ransomware. It's all over the place now and attacks are random in the 3D community.
Can I suggest KIS 2020 free trial. Pretty sure they do a free AV but it might have been discontinued. I suggested KIS because it is the best on the market.
I brought superhero suit for Genesis 8 female. I can download a new version from daz3d when I wake up.
You are sleep posting?? 😉
I just ran Malwarebytes over 71611_101 Series - Soldier of Fortune Poses and Prop for Genesis 8
this result came up:
RiskWare.ExtensionMismatch
Short bio
RiskWare.ExtensionMismatch is Malwarebytes’ generic detection name for files that are executable, but have extensions that are not associated with executable files. The reasons for this can be numerous, but users should handle files detected like this with care, unless they are aware of their origin and use.Rank:hxxps://www.bleepingcomputer.com/forums/t/622207/both-pcs-hacked-1350-taken-from-bank-frst-log/page-3
Rank:Just a heads up.
Jpeg images can be a good source for hackers to hide malware.
Some customers of Ad**e were victims in 2018.
Nice of them to widely report it......Which they didn't.
- The topic ‘RESOLVED/CLOSED: Fixing the Shares from 02-04 AUG’ is closed to new replies.
