rarpassgen virus

[jacfenway95]

Has anyone else noticed that most of the tv shows posted are coming with a rarpassgen that is a bad virus?

After more research it seems someone has a bot or something going that downloads things and repackages them with this file. I normally use supersearch so maybe thats why I'm finding these. Maybe I would be better off just using nzb's from this site? 3 of the last 5 shows I tried all have this virus.

I'm almost to the point of cancelling my usenet after this and the comcast limited unlimited garbage.

 

[kelc2536]

I haven't noticed any of these viruses in the tv shows I download. I use the nzbs from here and supersearch.
I mostly download 720p though, is this in the xvids?

 

[~dancing in the rain~]

seems to be with any type of tv show. I've seen them bundled with notv, lol ,0tv, and others. Its quite talked about if you google it which is why I'm surprised no one here has mentioned it.

antivir xp notifies me as soon as the file is extracted.

 

[Revenge Wanted]

start to use private tracker for torrents

 

[k.liley]

So they fool people into thinking that they need a keygen to generate a key to open the rar? :lol:
Some ppl are just asking to get screwed. I'm sure they can get rid of some beginners by doing this but it has to be some ppl with too much time on their hands.

 

[Laney]

@jedispork

Can you tell me one of the posts you downloaded that had the virus please? Just link me to the nzb or something.

-TG

 

[Beau C]

Yes i have seen this on a notv repack. The file is rared as usual then when you unrar you get another single rar file. To unrar this it requires to to run the exe. I bailed at that point. But it does seem this shit is on the increase.

 

[lauren_nichole5]

if you search for fringe notv in supersearch you will get what I was talking about

fringe.s01e04.proper.hdtv.xvid-notv

posted in alt.binaries.multimedia 10.6 days ago

 

[inga g]

if you search for fringe notv in supersearch you will get what I was talking about

fringe.s01e04.proper.hdtv.xvid-notv

posted in alt.binaries.multimedia 10.6 days ago

Just take the first ones that is uploaded cause the ones that have the virus is reposts.

 

[TheOneAndOnly]

Just checked the posts, they are coming from download2day servers. I sent an email to them, if they know who posted it then hopefully they'll sort it out.

Though I noticed this on their site:

Uploading at this server is completely anonymous, so we do not register any data you upload or where you upload it from

And there was no sign of X-Trace or anything in the post relating to what user posted it. That's a shame because they most likely won't know who is doing this

 

[Xx_OneLove_Xx]

Just in case you come across one again and really do not wanna waste more bandwidth downloading another copy.
You can open the exe in notepad without worry of it infecting your machine make sure you have wordwrap on. Towards the bottom is the password, you will see something like 'password=whatever' You can also use a hex editor as well.

Those on linux can use this simple command to get it as well:
strings RARPassGen.EXE |grep ^Password