RSD Lite 4.1

[pawan]

yes there is a virus in that (rsdliteupdate.exe).

I have created a portable version of RSD Lite after deleting that file .

This is a portable version of RSD Lite 4.1 no installation required.

http://rapidshare.com/files/57574530/RSDLite.zip

[DAGr8]

yes there is a virus in that (rsdliteupdate.exe).

I have created a portable version of RSD Lite after deleting that file .

This is a portable version of RSD Lite 4.1 no installation required.

http://rapidshare.com/files/57574530/RSDLite.zip

hey can you tell me what anti - virus you are using ?

thx

[cyberoidx]

So I've been Working on it:
http://www.eset.com/threat-center/pe...m/prob_unk.htm
http://eset.com/threat-center/blog/?p=48

( Read the Links, or My AWESOME Explanation )

Most common types of infiltration are:
NewHeur_PE
File marked as NewHeur_PE was detected using broad heuristics because it contains parts of code typical of worm infiltrations spread over the internet. Using this method NOD32 was able to identify worms Win32/Zafi.B, Win32/Mydoom.R, Win32/Bagle.X and many others.

Its probably the part of code with the drivers, and which writes the firmware that it picked up as similar to a worm, anyways... they ask you to send the file if you think its a false alarm.... too bad we wont

And for what is matters, NewHeur_PE virus Means... New Heuristic Potential Exploit Virus (Ok, I kinda made that up, but it makes sense :P )

Is nod free? cause you might as well get Kaspersky's free AV ... www.activevirusshield.com/

[cyberoidx]

HAHAHAHAHA ROFL

Vbulletin just s**ks!

If there is the word "virus" in the quotes or codes tag, it truncates the message at the v. Had to sit and figure out wtf was happening lol.. finally removed "virus" after NewHeur_PE in the above post

[pawan]

hey can you tell me what anti - virus you are using ?

thx

I am using Kaspersky Antivirus. I also tried to disable the antivirus and run that update.exe, after clicking it, it creates a shortcut in startup folder and creates a copy of itself in C:\windows\windows. and run iexplore.exe in background (checked in taskmanager) also add entry of it in windows firewall exception list.

[cyberoidx]

Damn... I let it install... and then it said there's susicious activity....

I think i might be changing sides about the fact if there's a a virus or not.

It defineitely created a RSDLUpdater.exe in C:\windows\Windows and did not delete it after Uninstall...

Doing a restart to check if my baby's working fine

[DAGr8]

Damn... I let it install... and then it said there's susicious activity....

I think i might be changing sides about the fact if there's a a virus or not.

It defineitely created a RSDLUpdater.exe in C:\windows\Windows and did not delete it after Uninstall...

Doing a restart to check if my baby's working fine

LOL . well I am not trying to change side here , it might or might not be a virus , the thing is RSDLITE 3.8 use to have an updater aswell and it would require you to give it firewall right .

NOd 32 never complain so I taught what the hell why not !! maybe it will update on its own .. but then I saw this thread and taught hmm its not updating ...
then why does it need web access ... I install this version and NOD 32 complained ..

Truth is there is something fishy about those installer trying to access the web .

ANd I am certalinly not pointing fingers at those kind enough to share I am just ' reporting'

IS NOD 32 free ? *cough * everything is free on the internet * cough* I mean of course not and some very good site rate it better then KApersky so it depends ..
what I like about NOD 32 is it doesnt require you to scan it protects every move you make unlike other AV .

[Alpha43]

I will post a link to my version later today, please verify that its either clean or has the same issue as the previous one.


~Alpha~

[DAGr8]

I will post a link to my version later today, please verify that its either clean or has the same issue as the previous one.


~Alpha~

still waiting :P

[Ruud]

yes i respect anyone, thats why i gave you guys the link... but his post was kinda weird to me... we all are using this version, it's flashed my maxx a couple of times already... it's the biggest download item in my rs folder, and here he starts posting "remove it admin... i have a virus" i thought maybe he could think before he does that... anyway no hard feelings... but at the same time, no more links either... i came here to learn and help if i could. I didn't like the welcome, so i just move on.

cheers,

Ruud

thanks