request for help in identifying and removing the virus
#1
I just figured out that there are sites pretending to be piratesbay, I'm surprised that there are so many people here who can hack entire development teams and you allow someone to copy your site and spread shit Sad I'd like to avoid the format. I've been fighting for two days and trying to get rid of there is a virus that is in the torrent at the given link, will there be someone brave who will identify what this shit is and how delete? Smile




https://pirate-bays.net/search?q=stellaris  <-- file after download this torrent is VIRUS! be cearfull

greetings
Reply
#2
What was the torrent you downloaded? And was there any mention in the comments about this virus?

It would be easier to determine a course of action to remove it if we can identify what is affecting your system.
Reply
#3
https://toolslib.net/downloads/viewdownl...dwcleaner/

Shouldn't use Proxy sites they are bad, they are like a mirror of TPB and contain all kinds of nasties that's the whole idea.  The only real way to Pirate on TPB is to use the real site thepiratebay.org and if you're being blocked then use a good VPN like a lot of people do here on this forum.

Pirating these days in 2021 is a dodgy game so really a VPN is a must also it protects you from being hacked.  Just simply never use Proxy sites they can't be trusted.  Download from somebody with either a Pink or Green skull who has been verified that they upload good content.
Reply
#4
I pasted the link to this torrent in the first post. i thought i was on the correct pirates bay site i did not immediately notice the suspiciously small file size. The virus has blocked access to some .exe files. There are messages such as "unable to run file in temporary folder, error 5 access denied" it seems that despite the fact that I have administrator rights, the system thinks that I do not have it. I used a few programs already, they found some crap that was removed other antivirus programs are blocked as above, it looks like the one you entered can be run, I will try and then restore the system settings to default maybe it will do something.
Reply
#5
Its not the mirror site, but rather the uploaders that are of issue. Sporgers infest many site areas and APPS is the worst.
Just take a look at armagadelhobbit.
Page after page of 12.6Mb files all with different names - a sure sign of a sporger. And the files are absolutely guaranteed to be boogers.

Watch out for videos with .scr or .lnk. In Win they are executable: Virus files for media.

That said, some mirror sites are disgusting and are themselves risky to simply view. Some are benign, or aparently so with a well protected system. Like the one from the OP. But even TPB has its nasties for the unprotected.

The *most* important item for downloaders on torrents is WHO the uploaders are. ALWAYS check their history, to make sure they are not one day wonders, whose accounts get cancelled after their reign of terror ends.

there are some legit one time posters. They will only post a few files, and all will be obviously different.

Plus new folk had better learn the basics of system operation. If you know what you are doing you can often take real malware, and safely extract data from it. Some scummers often have *real* stuff wrapped inside their boogers. Do NOT try this at home without a good understanding (and a sandbox).
Reply
#6
(Mar 25, 2021, 21:16 pm)didek916 Wrote: https://pirate-bays.net/search?q=stellaris  <-- file after download this torrent is VIRUS! be cearfull

(Mar 26, 2021, 02:01 am)didek916 Wrote: I pasted the link to this torrent in the first post.

The link returns "403: forbidden", but judging from the url it is a link to a search rather than a torrent.

Here is the same search query done on the official TPB: https://thepiratebay.org/search.php?q=stellaris
Reply
#7
(Mar 26, 2021, 02:54 am)waregim Wrote: Its not the mirror site, but rather the uploaders that are of issue.


While true, it is important to note that many of the mirrors and proxies are quick to show the new garbage but a lot slower reflect what was removed.

A lot of crap still listed on the proxies and mirrors is long gone from the real TPB. That is part of the reason we advise to avoid them.

The other part being that there is no real way to tell the difference between a legit proxy and a fake site posing as TPB.
Reply
#8
True.
I like the tradtional layout of the .asian mirror better, and it seems to be in lockstep.
Not sure about their redirects, but after 5 minutes of dumping them in HOSTS, seems fine.

I see APPS is swept this morning.
Time for 'breakfast'.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Virus Check? kRaZyXmAn 6 11,153 Dec 01, 2022, 12:38 pm
Last Post: BigDadE
  Help: Questions about DRM Schemes and Downloading Malloc 0 23,259 Jul 30, 2020, 18:54 pm
Last Post: Malloc
  What anti virus is recommended nowadays? jbravo 19 25,417 May 25, 2020, 16:43 pm
Last Post: waregim
  Virus/botnet Spammers flairdevil 2 12,054 Jan 27, 2020, 07:59 am
Last Post: EddieXTC
  Virus. Classeman 9 19,905 Dec 26, 2018, 13:59 pm
Last Post: somerandomtoruser



Users browsing this thread: 2 Guest(s)