Razor 1911 keygen for ARMA II – virus or not?

August 5th, 2016

I went searching for, found and downloaded the Razor 1911 keygen for Armed Assault II. It was a torture to stop NOD32 from deleting it and now I’d like to know if there is a way to determine if it was a false positive. Any ideas?
Thanks

Answer #1
Upload it to virus scan and jotti malware sites.
See if more than 8 out of 50 say it’s a virus AND they are not just crappy AV programs (like clam, for EG)
Answer #2
I went searching for, found and downloaded the Razor 1911 keygen for Armed Assault II. It was a torture to stop NOD32 from deleting it and now I'd like to know if there is a way to determine if it was a false positive. Any ideas?
Thanks

Upload to http://www.virustotal.com/
Answer #3
if you get it from a reliable uploader :- Toothless etc.
Then i would say its clean as most keygens come up with false positives.
if you didnt then follow what suggested.
Answer #4
Thanks guys. And the result is 73.8% positive. Guess I should have let NOD32 do its thing.
Answer #5
I use Nod 32 AV and Nod has a habit of finding faulse positives especially keygens. Just disable your AV temporarily when downloading or unpacking a rar file ……….. you will rarely find an infected crack no matter what it is and in all the years I have been downloading I can’t remember having even one.
Answer #6
Why not use SandboxIE?
Answer #7

Saturnsid wrote: Select all

I use Nod 32 AV and Nod has a habit of finding faulse positives especially keygens. Just disable your AV temporarily when downloading or unpacking a rar file ……….. you will rarely find an infected crack no matter what it is and in all the years I have been downloading I can’t remember having even one.
Your post pretty much sums up my experience which is why I disabled NOD32 and dl’ed anyway. But this one didn’t come from so I became suspicious. What would you be inclined to conclude if 73.8% of the av engines at virustotal.com said it was infected?
Answer #8

Saturnsid wrote: Select all

I use Nod 32 AV and Nod has a habit of finding faulse positives especially keygens. Just disable your AV temporarily when downloading or unpacking a rar file ........... you will rarely find an infected crack no matter what it is and in all the years I have been downloading I can't remember having even one.
Your post pretty much sums up my experience which is why I disabled NOD32 and dl’ed anyway. But this one didn’t come from so I became suspicious. What would you be inclined to conclude if 73.8% of the av engines at virustotal.com said it was infected?
Well, I don’t download anything (very rarely) from . Nothing against the downloads here but I still use sites I had used for a long time before becoming a member here and the sites I use (Russian/Chinese/Greek) are 100% trustworthy.
Answer #9
What you can do – I found a portable windows xp, it uses QEMU to run a mini-micro image of xp. Slooowly, but it works, and it’s virtualized fully seperate from your host system.
It DOES save to the image when you use it – I keep an original backup of the image, and replace it when I run a keygen.
Internet works well.
Run the image from the bat file, download the keygen, get your key and writi it down. Kill the qemu session, go back to your normal system and run the program with that generated key – SAFE!
(search here for the portable xp thingy)
Answer #10
@ – Thanks for sharing that. QEMU is all new to me but your solution is interesting and it looks like it would be worthwhile to get acquainted with it. Do you think it’s any more secure that SandboxIE?
Answer #11
Probably about the same – the difference is it’s portable, and write nothing to your HD, except to its own img file internally. You have to install sandboxie and run the browser within it.
This portable QEmu based XP is a whole operating system virtualized – just run it like normal, download from net, run possible virus, note details, kill portable image (keep backup before you start – I keep my original zipped..).
Answer #12
why dont you just download a different keygen ?
Answer #13
why dont you just download a different keygen ?
I’m pretty much beyond the point of just getting a key and now looking for a way to deal with similar situations in the future. False positives are so common that it’s easy to become complacent and blow off an av warning. The objective is to know how to deal with one and not compromise the system. Besides, a keygen for that particular game was very hard to find.
Thanks to everyone that jumped in here. You’ve shared some valuable insights and I appreciate it.