cracks.am virus warning treu or false ??

Discussion in 'NOD32 version 2 Forum' started by Ineke, Nov 19, 2004.

Thread Status:
Not open for further replies.
  1. Ineke

    Ineke Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    20
    Location:
    NL
    Hallo

    Is this a real virus warning or not.This was kept from the cracks.am site, were i always looking for some things, and has never had anything like this before, i am now not able to download from the site, so i like to now is this a false one or a real one ??

    Thanks..


    Time Module Object Name Virus Action User Info
    19-11-2004 23:08:54 IMON archive install.xxxtoolbar.com/ist/scripts/prompt.php?event_type=onload&recurrence=random&retry=3&loadfirst=1&account_id=138770&signature=cracks[/url] JS/TrojanDownloader.IstBar.A trojan connection terminated \Ineke
     
  2. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Ineke,

    Going to that site is asking for trouble!

    Gerard
     
  3. Ineke

    Ineke Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    20
    Location:
    NL
    Well oke thanks, trouble is not what i need so ,thanks..
     
  4. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    You would have to send an email to support@nod32.com to answer that question...

    Cheers :D
     
  5. Ineke

    Ineke Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    20
    Location:
    NL
    Yes blackspear i shall do that, but if its asking fot trouble i leave that site better fot what it is..I have looked there many times but never find it.
    I wanna crack in games so i can play in games whit all guns and so :D

    Thanks..
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    That's ok, I know what you mean...

    Cheers :D
     
  7. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    It is a real warning.

    Have tested cracks.am with several AV's.

    It is a trojan, there are several names for the trojan, for example Mcafee calls it "Exploit-MhtRedir.gen".


    Info from the Mcafee website:

    [font=Arial, Helvetica, sans-serif]Trojan Characteristics: [/font][font=Arial, Helvetica, sans-serif]-- Update June 24, 2004--
    It has recently been made known that some IIS servers have been remotely hacked. This exploit was utilized to redirect the client's browser to the location http://217.107.218.147 containing an infected webpage causing unsolicited files to be downloaded and executed.

    Certain downloaded files are detected as BackDoor-AXJ.dll , JS/Exploit-DialogArg.b , and VBS/Psyme with the current DAT files.

    For further details concerning this threat, and details of available Microsoft patches see:
    http://www.microsoft.com/security/incident/download_ject.mspx

    -- Update June 10, 2004 --

    The risk assessment of this threat has been updated to Low-Profiled due to media attention at:
    http://news.com.com/Pop-up+toolbar+spreads+via+IE+flaws/2100-1002_3-5229707.html?tag=nefd.top

    A new attack vector was discovered recently, which by passes the MS04-013 patch. Generic detection of this new exploit code will be included in the 4366 DAT release.


    This detection covers code designed to exploit an Internet Explorer vulnerability.

    The exploit results in a CHM (Microsoft Compiled Help) file being written to the local system allowing for additional exploit code to then execute the downloaded file.

    The end result is the execution of arbitrary code at the permission level of the current user.

    Microsoft has released a patch for this vulnerability.
    See: http://www.microsoft.com/technet/security/bulletin/ms04-013.mspx

    [/font]

    [font=Arial, Helvetica, sans-serif]Symptoms [/font][font=Arial, Helvetica, sans-serif]This exploit code could be used to execute a variety of different programs/malware. Therefore it is not possible to give specific details about how to recognize an infection.
    [/font]

    [font=Arial, Helvetica, sans-serif]Method Of Infection [/font][font=Arial, Helvetica, sans-serif]This threat exploits an Internet Explorer vulnerability.

    [/font]


    [font=Arial, Helvetica, sans-serif]Aliases [/font][font=Arial, Helvetica, sans-serif]Name [/font][font=Arial, Helvetica, sans-serif]Bloodhound.exploit.6.html (Symantec), [/font][font=Arial, Helvetica, sans-serif]Exploit-MhtRedir[/font]




    Ciao,

    Smokey
     
  8. Ineke

    Ineke Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    20
    Location:
    NL
    Hallo

    Thats a lot of info you give thank you very much :D
     
  9. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    This is what they have to say themselves on that site:

    I must say that I believe most of what they say. NOD32 can say something there but as long as TDS3 and Ewido say nothing I think that NOD gives a kind of false warning. As do other av-products by the way.
     
  10. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    Visiting warezzzz and crackzzzz sites is ALWAYS very dangerous.......


    Ciao,

    Smokey
     
  11. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Humm...what's wrong with this picture?

    Why would anyone trust a person that says in the same sentence that they steal from others with cracked versions of software?

    They're already breaking the law, what makes you think they're worried about their files having malware in them that could end up making them more money from stealing personal information from those that download their software.

    snap
     
  12. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    That is a fact, but visiting lots of other sites can also being very dangerous. That's not the point, mate.

    And I believe that this discussion goes into a direction that I find silly. We now get the discussion about legal and illegal. That was not the question of the poster...
     
  13. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    You are right, Edwin024, in that we are straying from the original poster's questions.

    However, on the subject of warez sites and/or using cracks, I will take this opportunity to remind everyone that this site does not recommend visiting warez sites, or using cracked software of any kind.

    Regards,

    snap
     
  14. dog

    dog Guest

    Hi Edwin, ;)

    I think you mis-understood.

    Ms. Snap ... was only making a point that these warez / crackz sites, are already stealing the rights of the developer ... & with that in mind, wouldn't it be possible/probable that they could/would perform a crime on you. And I don't believe she was debating the issue of warez. ;)

    What you do is your business ... but everyone should be aware of the risks, thats all. ;)

    dog - *puppy*

    [edit] Snap spoke for herself ... ^^Above^^ ...
     
  15. Eliot

    Eliot Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    854
    Location:
    Arkansas, USA
    Here you go. This is where you want to go for games. I use it regularly after whoopin that baby the hard way.
    :D

    GameSpy - Largest Cheat Collection for Games *puppy*
     
  16. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Many thanks Eliot.

    All the best...

    Cheers :D
     
  17. Eliot

    Eliot Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    854
    Location:
    Arkansas, USA
    Almost said, your welcome BS, then realized better. Your welcome Blackspear. BTW you remind me of Rogue Spear when I see your name. Man that was a fun game. :D
     
  18. mercany

    mercany Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    4
    Hi all!

    I also know about this site and want to tell you my own experiences with this kind of sites. Both cracks.am and other kind of crackz- and warezsites are very dangerous.

    What this sites promise, no virus etc., is idiocy!!!
    In the past, i have download some cracks from cracks.ws and cracks.am.
    At that time my antivirus-program tells me about a kind of trojan, but i take it with a pinch of salt - that was a big mistake!

    By and by my system runs astable and i must install it again.
    So deal this sites with great care!



    So long!
    mercany
     
  19. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    LOL, I put together my nickname from 2 things that revolve around my surname :D Haven't played the game you mentioned...

    Cheers :D
     
  20. Ineke

    Ineke Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    20
    Location:
    NL

    Hey thanks, a lot of more use than the other one ,this is what i need
    Thanks again :D
     
  21. Eliot

    Eliot Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    854
    Location:
    Arkansas, USA
    Your quite welcome. Just take my advice once more and beat it without a cheat first or you'll ruin the game. I ruined the original Splinter Cell this way and somewhat still mad about it. I beat the 2nd Splinter Cell without any help and enjoyed it so much more. Its a ton of fun now to go back and play with the cheats after beating it the hard way.
     
    Last edited: Nov 20, 2004
  22. Re: cracks.am virus warning true or false ??

    I'll tell you right now that i went to cracks.am, and it was the only site my proxy wouldn't allow me to open after opening it once. Immediately after that, it wouldn't open anything, then it froze. I re-booted several times with various affects on my computer. Some of these were, system hangs, motherboard cpu changes in the bios (some of which were dangerous overclockings), video card driver changes,.....the list goes on...

    i tried to keep up with the constant changes to my system so i could get online long enough to download any fixes. good luck that way!

    I am now trying to download patches through another computer on my network that wasn't infected. Trust me that I downloaded the win98 patches on this cpu! I'll let you know first hand what is happening about my experience with cracks.am as it happens to me now.

    I just want to say that I understand that cracks.am obviously are not intending to do anybody any harm. that's moot.

    I also understand that they are in damage control mode and are not trying to lose their clients.

    What i don't understand is how they can say that their site is o.k.

    I figure that some software company is probably pissed at cracks.am because they are responsible for a majority of the piracy going on. They could hire some hacker to get rid of cracks by hijacking their site, and hey , why not screw those jerks that are using cracks too?

    well, all i can say is hooray for the hackers who can stay true to their supposed values, and to hell with the ones who are as greedy as the people they're supposed to knock down a few pegs.

    I'll tell you more as it happens.

    R2GS
     
  23. windstrings

    windstrings Registered Member

    Joined:
    Oct 20, 2004
    Posts:
    337
    Humm.... its a matter of not so much legal or not legal... its character!
    When you go to those sites, you better have your guard up and eyes open, cause they honor no nobel ideas and thier sites are founded and based on deception "building up false web counter numbers" and selling product not their own.
    Copying anothers product is one thing.... selling and making a profit is another. They are making a living off of someone elses work.

    Its gotten to where they think they can put trogans on your computer to direct you to thier sites etc and it no different in their mind than sites who put cookies on your computer!

    Speaking of cookies... do this and save yourself a ton of headaches and give your trogan software a rest!..... if you use IE.. go to Tools----> Internet Options---> Privacy----->advanced-----> then in the upper left tick the box to overide automatic cookie handling-----> on first party cookies... check "prompt" and "always allow session cookies"..... on third party cookies.... "block" them.... they are almost "always" the bad ones!.... whose business is it anyway to put a cookie on your computer if your not even on their site? *(&^()& them!!!!

    Now when you visit sites you will be prompted and almost always you should "just say no!".... with a few exceptions.. like maybe your bank etc... .only sites you trust!!! If you tick the option to always do it for that site.. you won't be prompted anymore when visiting that site.. since it knows what you want to do.

    If you make a mistake and permantly block one that you want to "unblock".... just follow the same pathway.. except rather than hitting the "advanced" button.... hit the "sites" button and remove the site that you don't want to block and it will give you another chance to pick what to do again when you log backon to that internet site!.....
    After doing this... my pestpatrol doesn't even collect any bad cookies and delete them anymore!... because thier aren't any!...

    beware.. however, if you use spysweeper.... it removes these settings.. I haven't figured out why yet.... you'll have to reset them after running spysweeper.
    Unfortunatly this will not stop the trogan that tried to get you (JS/TrojanDownloader.IstBar.A trojan) ..... but many times those cookies invite traffic yourway you don't want.... I have a total of 4 cookies I need.... all the others are useless!
     
  24. Ineke

    Ineke Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    20
    Location:
    NL
    yeh yeh , but i am not so very good shooter, and a girl hihi, now i am playing, meddal of honor pacific assault pfffffffffffff nice but really diffacult, no cracks, or cheats do you call it, i promise :D
     
  25. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    You will get it Ineke, it just takes patience and practice, and even more patience and practice. I did the same with Serious Sam, absolutely looooved the game :D

    All the best...

    Cheers :D
     
Thread Status:
Not open for further replies.