KVR Audio

kidslow · Post by **kidslow** » Sun Feb 23, 2020 5:41 pm

Teksonik wrote: ↑Sun Feb 23, 2020 4:31 pm Possibly a Supply Chain Exploit:

https://www.dni.gov/index.php/ncsc-what ... in-threats

Likely. The standard content management systems used to host websites (Wordpress, Drupal ... and especially plugins for these systems) are constantly being hacked and subverted. I would suspect that was the vector here. Even if you outsource your hosting to a "professional" there is no guarantee they will get it any more right.

thecontrolcentre · Post by **thecontrolcentre** » Sun Feb 23, 2020 5:57 pm

FYI I did a complete system scan and Defender found and removed these files:

Program:Win32/Unwasson.Alml

Items:
<file:C:\Users\Dave\Downloads\AO Equalizers\SSQ 3.0\SSQ_3.0_VST_WIN\SSQ.dll.32\SSQ.dll>
<file:E:\Temp\Analog Obsession\AO Equalizers\SSQ 3.0\SSQ_3.0_VST_WIN\SSQ.dll.32\SSQ.dll>
<file:I:\BACKUPS\VST Plugins\Free VST\64 bit VST Plugins\Analog Obsession\AO Equalizers\SSQ 3.0\SSQ_3.0_VST_WIN\SSQ.dll.32\SSQ.dll>

Items:
containerfile:C:\Users\Dave\AppData\Local\Mozilla\Firefox\Profiles\fey95g4e.default\cache2\entries\0C350065219505450D958784F344B8103A0565C7
file:C:\Users\Dave\AppData\Local\Mozilla\Firefox\Profiles\fey95g4e.default\cache2\entries\0C350065219505450D958784F344B8103A0565C7->SSQ.dll.32.zip->SSQ.dll

Trojan:Win32/Spursint.Flcl

Items:
containerfile:C:\Users\Dave\AppData\Local\Temp\Temp1_Harqules_2.0_VST_WIN.zip\Harqules.dll.64.zip
file:C:\Users\Dave\AppData\Local\Temp\Temp1_Harqules_2.0_VST_WIN.zip\Harqules.dll.64.zip->Harqules.dll

As you can see they are all related to AO files, both 32bit and 64bit ...

sqigls · Post by **sqigls** » Sun Feb 23, 2020 6:42 pm

Hey, you took me out of context to even GET here.
Then tell me to chill out? Head case.

thecontrolcentre wrote: ↑Sun Feb 23, 2020 3:59 pm
sqigls wrote: ↑Sun Feb 23, 2020 3:48 pm
thecontrolcentre wrote: ↑Sun Feb 23, 2020 3:17 pm
sqigls wrote: ↑Sun Feb 23, 2020 3:06 pm
thecontrolcentre wrote: ↑Sun Feb 23, 2020 2:25 pm
sqigls wrote: ↑Sun Feb 23, 2020 2:20 pm talk about kicking a guy when he's down.
WTF? He's distributing infected files, whether he knows it or not, and asking for funds via Patreon. He should listen to what's being said here and either fix or remove the downloads. I was planning to do some music today, but instead I'm running a full system scan looking for malware.
WTF, firstly anti-virus programs are known to report false positives for certain code.
but, more to the point, I'm talking about the general situation he's in. Already suffering and then this happens. Poor dude.
anyways, this IS the internet, so no surprise... i'm unrolling the jump to conclusions mat now, anyone up for a game?
No jumping to conclusions going on here. I had 4 Trojans identified and quarenteened. I double checked and got the same result so reported it here. It looks like its not just me .
it's a shit situation, but we don't KNOW for a fact what's happened.
I've had plugins quarantined on Windows before too, a few times, but every time it's turned out to be false positive.
would be perfectly acceptable for me to join the pack and take strips off the guy, but i post a few words of sympathy and I'M the enemy ?
I don't know why you think you are the enemy, and I for one have not torn strip of "the guy" ... I think you need to chill out.

thecontrolcentre · Post by **thecontrolcentre** » Sun Feb 23, 2020 6:47 pm

sqigls wrote: ↑Sun Feb 23, 2020 6:42 pm Hey, you took me out of context to even GET here.
Then tell me to chill out? Head case.
thecontrolcentre wrote: ↑Sun Feb 23, 2020 3:59 pm
sqigls wrote: ↑Sun Feb 23, 2020 3:48 pm
thecontrolcentre wrote: ↑Sun Feb 23, 2020 3:17 pm
sqigls wrote: ↑Sun Feb 23, 2020 3:06 pm
thecontrolcentre wrote: ↑Sun Feb 23, 2020 2:25 pm

WTF? He's distributing infected files, whether he knows it or not, and asking for funds via Patreon. He should listen to what's being said here and either fix or remove the downloads. I was planning to do some music today, but instead I'm running a full system scan looking for malware.
WTF, firstly anti-virus programs are known to report false positives for certain code.
but, more to the point, I'm talking about the general situation he's in. Already suffering and then this happens. Poor dude.
anyways, this IS the internet, so no surprise... i'm unrolling the jump to conclusions mat now, anyone up for a game?
No jumping to conclusions going on here. I had 4 Trojans identified and quarenteened. I double checked and got the same result so reported it here. It looks like its not just me .
it's a shit situation, but we don't KNOW for a fact what's happened.
I've had plugins quarantined on Windows before too, a few times, but every time it's turned out to be false positive.
would be perfectly acceptable for me to join the pack and take strips off the guy, but i post a few words of sympathy and I'M the enemy ?
I don't know why you think you are the enemy, and I for one have not torn strip of "the guy" ... I think you need to chill out.

I have no clue what you're so upset about. There is no need to be insulting. Please stop it.

Halonmusic · Post by **Halonmusic** » Sun Feb 23, 2020 6:54 pm

Make love, not war

EDIT: Just scanned my entire Analog Obsession plugin folder and nothing found.

thecontrolcentre · Post by **thecontrolcentre** » Sun Feb 23, 2020 6:59 pm

Halonmusic wrote: ↑Sun Feb 23, 2020 6:54 pm Make love, not war

+1

FYI the Trojans weren't in my plugin folder (see above). Somehow they got into my AppData folder, and I didn't put them there

stamp · Post by **stamp** » Sun Feb 23, 2020 7:06 pm

Halonmusic wrote: ↑Sun Feb 23, 2020 6:54 pm Just scanned my entire Analog Obsession plugin folder and nothing found.

You'd better scan all your pc.

Halonmusic · Post by **Halonmusic** » Sun Feb 23, 2020 7:07 pm

thecontrolcentre wrote: ↑Sun Feb 23, 2020 6:59 pm
Halonmusic wrote: ↑Sun Feb 23, 2020 6:54 pm Make love, not war
+1

FYI the Trojans weren't in my plugin folder (see above). Somehow they got into my AppData folder, and I didn't put them there

Oh. Sorry i must have missed your post. Then i should do a rescan

Halonmusic · Post by **Halonmusic** » Sun Feb 23, 2020 7:09 pm

stamp wrote: ↑Sun Feb 23, 2020 7:06 pm
Halonmusic wrote: ↑Sun Feb 23, 2020 6:54 pm Just scanned my entire Analog Obsession plugin folder and nothing found.
You'd better scan all your pc.

Yes i should do that.

Teksonik · Post by **Teksonik** » Sun Feb 23, 2020 7:31 pm

I'm 35% through a full system scan with Bitdefender Total Security. I had uninstalled it because although it's one of the top rated security suites it is a bit of a system pig. Guess I'll keep it installed now since Windows Defender detected nothing during download.

Luckily I only downloaded one AO plugin.....

thecontrolcentre · Post by **thecontrolcentre** » Sun Feb 23, 2020 7:41 pm

Teksonik wrote: ↑Sun Feb 23, 2020 7:31 pm
Luckily I only downloaded one AO plugin.....

I wish I'd done that

Just spent 4 hours finding and deleting erroneous files. Hopefully got them all ...

marzelli · Post by **marzelli** » Sun Feb 23, 2020 7:44 pm

I hope you figure this out. I'm sure AO didn't do this on purpose.

mladi · Post by **mladi** » Sun Feb 23, 2020 7:50 pm

AnalogObsession wrote: ↑Sat Feb 22, 2020 9:01 am Thanks for your ideas and words!

Now, fixed SweetDrums download links.

Please, try now.

Still not working, think the whole site is down because of the hack?.
Thanks anyway & all the best to your business!

AnalogObsession · Post by **AnalogObsession** » Sun Feb 23, 2020 8:20 pm

I'm so sorry about that.

Website under maintenance. Provider checking whole site and files.

Luckly, i have clean files... Maybe, i will have to re-design whole website but no problem. I will find the way to solve this issue and re-offer free plugins to you...

Thanks.

Aloysius · Post by **Aloysius** » Sun Feb 23, 2020 8:23 pm

Do we need to scan our PCs? Any freeware that will do it?

Announcing new way of Analog Obsession