Installation failure
#11
(May 14, 2021, 05:22 am)dueda Wrote: What you describe sounds like a severe infection - You probably downloaded a bad program at some point and your system went awol.

From the Tor on-line manual:
Quote:Removing Tor Browser from your system is simple - On Windows:
- Locate your Tor Browser folder or application. The default location is the Desktop.
- Delete the Tor Browser folder or application.
- Empty your Trash.
* You may need a file unlocker if the file is open and/or a task killer if it is running in background or as a service.

Quote:I guess I'm facing a wipe of the disc and Win 10 reinstallation? Then re-find all the sw...
Before jumping to extreme ways, I suggest you try other tools, like Panda or Avira (to stay on the mainstream side) or an off-line AV (boot time) like MS Defender Off-Line Scan.
I'm no virus specialist, maybe someone else can come with better suggestions, but it's possible your other PCs are also infected. Get a fresh USB stick and load it with a boot time Anti-Virus (live CD image, etc).
Obviously, the download of such remedy should be from another, clean PC. Anything downloaded on your main PC now shouldn't be trusted, but sometimes it does work... sometimes, if you're very lucky.
Note that any cracked programs may be detected as malware and removed by some anti-viruses. A backup of important data -before- doing anything is very recommended.

About safe mode https://blog.malwarebytes.com/101/2015/01/safe-mode/
About boot time and external access https://www.howtogeek.com/187037/how-to-...e-windows/
A few options (although just a couple look promising) https://www.lifewire.com/free-bootable-a...ls-2625785




----

TOR is gone, thanks
Changed to a different Torrent client
I tried Illustrator using Opera for its free VPN and it may have worked. We'll see if it explodes after the week.

Tried Panda, Malwarebytes, MS - find nothing except Panda wanted to quarantine an   amtlib.dll  file which was a patch for another app.

Energy sapping, this ggame.

Need sustenance before attacking the laptop to get Office, Acr Pro, photoshop, Illustrator, Animator and the legit stuff onto that.

All vital for Cred. I'm a teacher and the others think I must be clever...  Nope!


Couple of queries:
HOSTS used to matter. It seems to have gone - yes?

amtlib.dll - what does that do?

TPB asks about main.js - "check it's loaded". I have no idea. WHere would that be?
Reply
#12
@User-Gascar

As I can see from net search amtlib.dl is a tool that is used to activate Adobe Products. Of course cracked tool, so standard antivirus will block this in anyway. If link with explanation still exist, it`s here:

https://official-amtemu.com/

..so without this you cant`t activate that adobe, so before installation you need to deactivate antivirus. On other hand i can`t grant you that file is safe, also you can`t use Tor for any site(use bridge to connect). Also to successfully uninstall Tor, you have to delete profile from User folder under Mozilla(maybe), and so on.
Reply
#13
(May 14, 2021, 18:34 pm)Gascar Wrote: ...different Torrent client -->> Which one?
...Panda wanted to quarantine an amtlib.dll -->> Panda hates cracks and is trigger happy by nature.
...others think I must be clever...  -->> Others always think a lot about us and even more of themselves. You're doing allright, better than most.

Couple of queries:
HOSTS used to matter... -->> As far as I know, still does. just check posts below.
amtlib.dll ... -->> Tipical Adobe stuff. If crack is related, probably is for that DLL is "licensing" related, Panda and Avira will dislike it.
TPB asks about main.js ... -->> What browser are you using? Any ad-blocker or something against javascript? I have to disable mine or put TPB in the white list sites.

https://www.thewindowsclub.com/hosts-file-in-windows
https://answers.microsoft.com/en-us/wind...c028e9e018

Your hosts file is in c:\windows\system32\drivers\etc\ (use notepad as administrator).
DO NOT tamper with hosts.ics file, it's managed by Windows. As MS says, Win10 keeps the old method of looking for domain addresses (IPs) in the "hosts" text file... BUT... 
It also includes some magic of it's own, thus the "ics" file nearby. There're some hosts management programs, maybe you would like to try.

Did I make it clear? Just to be safe: THERE'RE TWO hosts files, one simply "hosts" without termination (file type extension), second with ".ics" - You want the first, leave the other alone.
Reply
#14
Thanks guys.  Only Just seen these replies so more to digest.

--------------------------------

Tried the new laptop
It's almost new, only has office 2016 so far.

New download of a different torrent, same problem, seeing this:

[attached, too big to insert?]

That's a screenshot of a screenshot, but it really does look like it came off a photocopier.

Well at least they asked... I cancelled.

The ONLY common thing is the torrent client - I used the first one that search came up with which was µTorrent.

Yesterday I downloaded an app using Bittorent on the original computer, and that was fine.  µTorrent was the one I used on the first computer which gave trouble and now again onthe laptop..

IS IT a coincidence that it DOES NOT come up first on the search NOW. Maybe some unprincipled contemptible but up a Sponsored Link to a different download site?

Hey ho - I have to go a few steps back before going forwards. It's like trying to get to bit of car engine you need - lots of stuff in the way to be undone and replaced because you broke it though there was nothing wrong with it before......

I downloaded monkrus's Adobe collection, 25GB, so will delete and redo.  If tits go up even higher, I can wipe this laptop without losing anything.

INteresting fellow, http://www.monkrus.ws/p/nnm-club.html



Thanks for the javascript catch in (not Firefox but) Opera because I'm using its free VPN.

I found a couple of hosts files, they've not altered in a year (I kept a copy last time I went in there). INterestingly FIle Explorer search only finds 'hosts' sometimes - not if you do a whole rrive search.

I'll be back, if only to report success.


3 hours Later:
Well Yeee effin Haaaa, 37GB of Adobe 2019 apps c/o BasilBrush.

Doom descended when I tried the first one - XD which I'd not heard of, and it insisted on Adobe Creative Cloud membership. Angry

Visions of deleting yet again and finding all the singles but no, PS, AP, Il and the others I care about all work. Must have a go with Animate.

So I think that was it - a rogue version of a torrent client.  Live & Learn.

Thanks to everyone who chipped in to fill gaps in my knowledge , and for well, you know,  being there.
Heart


Attached Files Image(s)
   
Reply
#15
Happy to hear you're getting things done. Have a good protection and check your system from time to time. I like Panda because it's free and not much intrusive, but my download folder must be in the exception list just to avoid unwanted quarantines recurring. I manually check those files then move from download to a more permanent folder.

That EULA looks bad. Is that from uTorrent? Long time I last used it and don't remember seeing that much bs.
Reply
#16
@OP

Whenever downloading from the Apps section, always, and I mean *ALWAYS* : check the uploaders links.

If they have a history going back a while, odds are that the app is OK. If you are going to scan with AV - only files around 6 months or older will have a 90% chance of being found. Any zero-day scummer outside of a kiddie scripter will have wrappers that AV scanners *will not* find. They are tested against Virustotal and the like *before* release.

If the poster is a one day wonder, or has a bunch os same size postings - it is a scummer beyond doubt.

Sometimes some boogers will get through quality posters. Learn to use Erunt/Erdnt and have it run at every bootup. Win backup is worthless.
(As are all Win 'safety' features). Learn Hijackthis. These two apps will save your azz 99% of the time.
Reply
#17
Thanks guys.
Good stuff.
"Erunt/Erdnt and have it run at every bootup. Win backup is worthless.
(As are all Win 'safety' features). Learn Hijackthis. "

More to learn, thanks, hadn't heard of these.

For Adobe CC the multiapp Collection by BasilBrush looks perfect so far. Good fror Photoshop, Illustrator, Bridge, Animator , Acrobat pro Premiere  Pro etc.
https://thepiratebay.org/description.php?id=34154530


---

Resurrected another laptop with SSD and W10.

I downloaded MS Office prof 2019 ,
https://thepiratebay.org/description.php?id=45541808


and am now downloading Adobe CC.

I thought I'd do that before disconnecting from net & AV.
A Windows Defender scan appears to have deleted part of the first (MS) torrent as it had a Trojan  Rolleyes

Obvs question, should I switch off all aspects of AV while downloading? The notes in with the info say it's big nasty Billy G deleting the patch and not to worry, disable AV.

Sound or hoax?
Reply
#18
MSAV had options to restore quarantined files and after the latest update those seem to be gone, so I suggest you change your AV to something more customizable.
All AVs tend to treat cracked programs as malware, but MS won't let you decide to keep them.

Disabling your AV is not a good idea. If it says an app is bad, you should test it thoroughly on a sandboxed environment, for a month or more, then decide if you want to move it closer to the real system.
Or just run it on the safe (sand) box all the time. That was already said, I believe.
Reply
#19
Thanks agan. I 'd "released" things from Sandbox assuming they must be safe as no alarms were raised.

I did a download to  the PC using the method and from uploaders I'd used before on laptops, safely.
https://thepiratebay.org/description.php?id=45561286 from Canc232, who says in his txt file to disable AV.

For whatever reason,  I've been got!

AVs are finding NO issues other than things like the odd firefox file, Tried Malwarebytes and Panda, but

Opera ( which I used with VPN to download) is disabled completely
No MS AV scans will run.
Tried the MS Offline scanner - doesn't try to run
I don't have access to normal MS AV, because it says I'm not Admin.
There are indications that MS AV is on, also that it's turned off.
And I can't update W10. - error -

So I've downloaded Malwarebytes which I think has taked over from MS as an AV -

But I think I need to reinstall W10 - which I 've never done. Looks like it wil remove some programs at least.??
There's a couple of options.
Do I have to go for a complete wipe/reinstall everything.....??
I feel stupid for asking- this is highly googlable, but it's always the case, that some things they say aren't as they describe, and many things aren't explained at all, and some bits I don't understand..
And some don't apply, eg when they refer to my MS account "which will have recorded your Settings", - but I don't use.
And there's usually a special limited time off for some amazing software..


Yes I saw the same - MS AV not giving options Sad
Panda, I thnk it was, deleted a .dll file without a choice to keep it, which Acrobat pro used, so that doesn't run any more Sad
Reply
#20
Unless some "default to delete without confirmation" setting is on, my Panda allow me to revert things (from quarantine). Also I keep my downloads in a separate volume which is in AV exclusion list, to be untouched.
Anyway, there're others you should consider. Right now, your system clearly seems to be taken by a rogue program. I'm no expert in the field and without direct access to the thing, can't help much.
What is noteworthy is the app size, circa 600MB, a usual rogue size nowadays, while others are much bigger (1.4 GB give or take) and with a more specific file structure.

At this point, if AV programs don't run, I suggest a fresh reinstall, but for that you need a Windows media (DVD or thumb drive).
Also I'd suggest you delete the system partition and start from scratch, but that should ONLY be done by people who know well what they're doing AND have a clean copy of all the needed drivers setups, or you may end without sound, network, or even worse.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  installation instructions jpisore 1 1,478 Jun 21, 2024, 22:53 pm
Last Post: RobertX
  I need a stripped down Windows 8 or Windows 10 installation. Any suggestions? nosnavis 9 24,082 Jul 26, 2023, 12:38 pm
Last Post: theSEMAR
  CrackzSoft Mac Photoshop Install Failure. Help Appreciated. LandoDuke 0 12,332 Dec 22, 2019, 19:07 pm
Last Post: LandoDuke
  Product key required during installation chachachico 6 19,108 May 06, 2018, 06:46 am
Last Post: RodneyYouPlonker
  [split] Trouble with thethingy's Adobe Photoshop CS6 Extended installation docskab 3 20,853 May 05, 2017, 17:06 pm
Last Post: umopapisdn



Users browsing this thread: 2 Guest(s)