Gen:Variant.Razy.31005
- Thread starter BasicUser
- Start date
- Joined
- Nov 5, 2018
- Messages
- 3,014
I could suggest a couple of solutions.
First I would submit samples to virustotal before I started calling everything infected. I suppose a cracked program in a stretch could be called a virus so it's not technically a false positive although it presents no threat to the host system.
Second Where the heck are you getting all these programs with the same infection? I don't go crazy with warez but I don't recall ever seeing that particular warning. Find another source.
In it's purest form this virus consists of an altered .dll that opens a "back door" to the system and calls home to specific sites. If you are that curious use the sandbox program listed in this forum, virtually load the program, and open a command line (as administrator from the search box type cmd. In the search results left click, and choose "run as administrator".) after the ">" prompt type "netstat" then Enter and you will see all the all the Internet connections you system is trying to complete. That should tell you what's going on if anything is trying to fool with your system.
First I would submit samples to virustotal before I started calling everything infected. I suppose a cracked program in a stretch could be called a virus so it's not technically a false positive although it presents no threat to the host system.
Second Where the heck are you getting all these programs with the same infection? I don't go crazy with warez but I don't recall ever seeing that particular warning. Find another source.
In it's purest form this virus consists of an altered .dll that opens a "back door" to the system and calls home to specific sites. If you are that curious use the sandbox program listed in this forum, virtually load the program, and open a command line (as administrator from the search box type cmd. In the search results left click, and choose "run as administrator".) after the ">" prompt type "netstat" then Enter and you will see all the all the Internet connections you system is trying to complete. That should tell you what's going on if anything is trying to fool with your system.
th3m
VIP
- Joined
- Jun 24, 2020
- Messages
- 137
Maybe the system is compromised and affects the .exe files.
After the VirusTotal check, as DVDR_Dog suggested, i would do a Microsoft Defender Offline scan (Instructions).
If the offline Defender scan doesn't run for whatever reason, maybe you need an AV Rescue Disk to boot your system and perform that offline check. (I have tried the one from Kaspersky in the past)
Report here the results so we can assist you further
After the VirusTotal check, as DVDR_Dog suggested, i would do a Microsoft Defender Offline scan (Instructions).
If the offline Defender scan doesn't run for whatever reason, maybe you need an AV Rescue Disk to boot your system and perform that offline check. (I have tried the one from Kaspersky in the past)
Report here the results so we can assist you further
philalethes
Donator
- Joined
- Jul 1, 2020
- Messages
- 115
I have used Vipre Security for years solely because it let's me whitelist cracks and keygens, patches...stuff I want to keep. It's only so-so for detection, and like most AV products you will see listed on virustotal, Vipre takes the lazy way out and calls anything slightly odd a "virus.'
Generally if Kaspersky or Malwarebytes gives it a pass on virustotal, I trust that because they will actually say something is a "keygen" etc.
When I get bitten by malware in warez...from being lazy... I download latest free Malwarebytes and it usually hoses me clean. I tried switching to it and Kaspersky, but it seems I couldn't review scan results first and whitelist.
when your system seems clean, make an image of the C: drive. Get Macrium free. Macrium can create a book disc, and also put itself into the boot menu as a choice.
Generally if Kaspersky or Malwarebytes gives it a pass on virustotal, I trust that because they will actually say something is a "keygen" etc.
When I get bitten by malware in warez...from being lazy... I download latest free Malwarebytes and it usually hoses me clean. I tried switching to it and Kaspersky, but it seems I couldn't review scan results first and whitelist.
when your system seems clean, make an image of the C: drive. Get Macrium free. Macrium can create a book disc, and also put itself into the boot menu as a choice.
- Joined
- Nov 5, 2018
- Messages
- 3,014
Amen on that. You get lazy, you get burned playing with this stuff.
To be honest I quit trying to tell people what the best day to day A/V is. They all have their strengths and weaknesses. I can't see through another user's eyes so short of warning them what's useless, so be it.. Malwarebytes is always the go to program but it isn't the gospel truth. Virustotal gives you the perspective of many different A/V programs and you can make an intelligent choice from there but we all make mistakes, that's for sure.
But yeah, get lazy and let your guard down and they are waiting for you. Such is the way it goes when you play like this.
th3m
VIP
- Joined
- Jun 24, 2020
- Messages
- 137
Because there is no best. Antivirus is probably doing more harm than good.
If you need antivirus the best option is always the built in one. You already trust the OS maker. Windows Defender, Gatekeeper, and Play Protect are all you want. If your platform doesn't have a built in one don't bother.
philalethes
Donator
- Joined
- Jul 1, 2020
- Messages
- 115
Re: warez--
I just like to hear the old mods and chip tunes on the keygens and patches!!! Takes me back to happier days...
"You already trust the OS maker. Windows Defender, Gatekeeper, and Play Protect are all you want."
LOL. Windoze is so backdoored and effed up by the Talpiot crew who offer us "security."
https://busy.org/@blondenfun1/israe...ine-of-all-time-operationtalpiot-talpiotflyer most links are suppressed.
another version: https://christiansfortruth.com/do-israeli-jews-have-backdoor-access-to-nearly-all-computers/
They keep taking down Brendan O'Connell channel but he resurrects.
Sorry if you're offended...but Hydra malware is real. Intel shot themselves in the foot moving their main fabrication plant to Sion.
I just like to hear the old mods and chip tunes on the keygens and patches!!! Takes me back to happier days...
"You already trust the OS maker. Windows Defender, Gatekeeper, and Play Protect are all you want."
LOL. Windoze is so backdoored and effed up by the Talpiot crew who offer us "security."
https://busy.org/@blondenfun1/israe...ine-of-all-time-operationtalpiot-talpiotflyer most links are suppressed.
another version: https://christiansfortruth.com/do-israeli-jews-have-backdoor-access-to-nearly-all-computers/
They keep taking down Brendan O'Connell channel but he resurrects.
Sorry if you're offended...but Hydra malware is real. Intel shot themselves in the foot moving their main fabrication plant to Sion.
- Joined
- Nov 5, 2018
- Messages
- 3,014
Well that's being pretty harsh. We try to park politics at the front door on the way in here. It's not a valid subject for discussion in the forum.
Netstat or a network sniffer would verify if such a thing was happening so no network activity is clandestine.
I always disable the The Intel Management system my own system or any I service. It's worthless for home systems and most business environments. It well known it's been a security mess since it first was implemented.
So just disable it and that's that. It's good advice.
Netstat or a network sniffer would verify if such a thing was happening so no network activity is clandestine.
I always disable the The Intel Management system my own system or any I service. It's worthless for home systems and most business environments. It well known it's been a security mess since it first was implemented.
So just disable it and that's that. It's good advice.
jackwilliam7
Active Member
- Joined
- Feb 25, 2025
- Messages
- 36
hacxx
VIP
- Joined
- May 29, 2021
- Messages
- 1,239
BitDefender is known for being strict with heuristics, and Gen:Variant.Razy.31005 is a generic detection often triggered by tools or installers that use compression or obfuscation. It’s not always malware, but it’s worth checking. You can try uploading the file to VirusTotal to compare detections across engines
Similar threads
