Avast WEBforum
Other => Viruses and worms => Topic started by: danny96 on November 09, 2011, 08:01:36 PM
-
Hi Again ;D
I know I have ESET but i want to ask you (eset forums = dead) if some1 have some experiences with reloaded cracked games. ESET reported "rld.dll" as Win32/Packed.VMProtect.AAH trojan horse. Can I trust to reloaded cracks? Or is it well known false positive? is avast! reporting it as virus, too?
-
Trust a crack?
As well to trust a junkie.
-
Trust a crack?
As well to trust a junkie.
Sure. But I just want to know If I can add it to exclusions and use it safely. Because I need that file to run that game.
BTW can .dll file damage system??
-
upload suspicious file(s) to www.virustotal.com and test with 43 malware scanners
when you have the result, copy the url in the address bar and post it here for us to see
alternative
Jotti http://virusscan.jotti.org/en
VirSCAN http://virscan.org/
Metascan http://www.metascan-online.com/
-
4 / 20
http://virusscan.jotti.org/cs/scanresult/407398b3acd1258e093673825024c3b24e6855c9/73da11a1424eb1459309f9d6a0dacb66f8c4f538
Virustotal is dead... everytime i try to upload it it just says "time limit expired"
PS. Eset keeped quarantining it when selecting it to upload so i needed to turn off eset.
avast! online scanner said that "rld.dll" is clean
-
you can also send it to Avira lab for analysis, then you recive a result in about 24 - 48hours
http://analysis.avira.com/samples/
-
Hi danny06,
This analysis is not reassuring for this Netshooter dll: http://www.threatexpert.com/report.aspx?md5=918f2f57ea5e49032f5e349c4411df2b
There are some that score 0,00%, see: http://f.virscan.org/rld.dll.html
http://www.prevx.com/filenames/X655823274416869993-X1/RLD.DLL.html
will give you all of the malware issues.
Why use a crack, very unwise and also unethical.
Some will try to repair it from a dll-files site:
The alerts may stem from generic finds for rld.dll packed by FLY-CODE
and rld.dll packed by VMPROTECT,
polonus
-
So It's FP ???
can I add it to exclusions ?
what does it means when It's packed with VMprotect or FLY-CODE?
-
So It's FP ???
can I add it to exclusions ?
Do as you like, I won't help you with this. ::)
-
I just wanted to know If It's safe to use. If It can't infect/damage my system. That's everything.
-
I just wanted to know If It's safe to use. If It can't infect/damage my system. That's everything.
Well, it's a crack. Think about it. :P
-
I just wanted to know If It's safe to use. If It can't infect/damage my system. That's everything.
Well, it's a crack. Think about it. :P
Cracks are oftenly picked as malware by antiviruses... nothing is perfect... so no one knows reloaded cracks? everyone running only original games or have cracks from razor and skidrow huh
-
Cracks are oftenly picked as malware by antiviruses... nothing is perfect... so no one knows reloaded cracks? everyone running only original games or have cracks from razor and skidrow huh
See Reply #8.
-
I refer you to my first response;
Trust a crack? As well to trust a junkie.
You could also insert "prostitute" in place of junkie. ;D
Meaning, there is no such thing as a trustworthy crack. You don't know where it has been, who it has been with, it is the carrot being dangled in front of your face. Take a bite, if you dare.....and be ready to wake up with your wallet gone, or maybe even some organs missing.
Some things like Photoshop, you can almost see why people use cracks on that, so ungodly expensive. Almost.
But a game? I've never played a game that was worth the risk and moral compromise of using a crack (and I've played a lot of games).
But above all that....this is the official support forum of a legit software company, you should not be able to get help with cracks here.
-
But above all that....this is the official support forum of a legit software company, you should not be able to get help with cracks here.
+1
-
Hi Asyn,
I agree with you here, that we are not to help users with such problems. I advised danny96 in a very subtle way that there is a more friendly and legit approach to get a specific dll implemented :-X and if he cannot take the hint and read in between the lines, then he rather deserves to go on checking his online "cracks" against anti-malware scanners, and not get any answers here ;D,
polonus
-
Hi Asyn,
I agree with you here, that we are not to help users with such problems.
Great. :)
-
Avira lab says it's clean. 8)
Virustotal users says it's Goodware. So It's False Positive.
http://www.virustotal.com/file-scan/report.html?id=d01f3a8e08b75619c5a010295cd438ca3b4718c877dae908e0c806018095a151-1321016543
-
"Can .dll files damage the system?"This is a rhetorical question i guess.
Anyhow
http://www.prevx.com/filenames/X655823274416869993-X1/RLD.DLL.html
Note: Cloaked Malware(packed,crypted etc.).In fact Jotti,gave accurate scan results.
-
Hi Left123,
Insights may differ for flagging the obfuscation techniques used, see this link: http://pesedit.com/forums/showthread.php?10424-For-AVG-users-with-rld-dll-problems&s=eeeecfa8e9d40d3dc00aaaa690fa020e&p=130860
For a VT scan on this "Battlefield Bad Company dll": http://www.virustotal.com/file-scan/report.html?id=338717b90696d61e1d938e5b27e39fa4880ace5df0f6ac7647d877258a326e9d-1267745128
where a more up to date report only comes up with 1 detection: VIPRE 10882 2011.10.26 VirTool.Win32.Obfuscator.a which denotes VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
But again they commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Quotes taken from MS Malware Protection Center Threat/Encyclopedia
So I cannot repeat this, but here we get a POSSIBLE infection: http://r.virscan.org/f7e1c1a1f4837b6c345574bb4932d65e
polonus
-
Hi Left123,
Insights may differ for flagging the obfuscation techniques used, see this link: http://pesedit.com/forums/showthread.php?10424-For-AVG-users-with-rld-dll-problems&s=eeeecfa8e9d40d3dc00aaaa690fa020e&p=130860
For a VT scan on this "Battlefield Bad Company dll": http://www.virustotal.com/file-scan/report.html?id=338717b90696d61e1d938e5b27e39fa4880ace5df0f6ac7647d877258a326e9d-1267745128
where a more up to date report only comes up with 1 detection: VIPRE 10882 2011.10.26 VirTool.Win32.Obfuscator.a which denotes VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
But again they commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Quotes taken from MS Malware Protection Center Threat/Encyclopedia
So I cannot repeat this, but here we get a POSSIBLE infection: http://r.virscan.org/f7e1c1a1f4837b6c345574bb4932d65e
polonus
I think that,an obfuscated code/progame ALWAYS wants to hide something.So,why would i trust it?Prevention is the best anti-virus.