this post was submitted on 12 May 2026

213 points (98.6% liked)

me_irl

7631 readers

3066 users here now

All posts need to have the same title: me_irl it is allowed to use an emoji instead of the underscore _

founded 2 years ago

MODERATORS

herrwoland@lemmy.world

213

me_irl (lemmy.radio)

submitted 5 hours ago by sanitation@lemmy.radio to c/me_irl@lemmy.world

25 comments fedilink hide all child comments

top 25 comments

sorted by: hot top controversial new old

[–] _stranger_@lemmy.world 1 points 8 minutes ago

THE CULT OF THE DEAD COW HAD STANDARDS THEY WOULD NEVER HOW DARE YOU.

[–] BenLeMan@lemmy.world 8 points 1 hour ago (1 children)

This is why you use https://virustotal.com/ to check the EXEs and DLLs before you launch the game.

[–] lauha@lemmy.world 2 points 27 minutes ago

Is that legit?

[–] waigl@lemmy.world 33 points 3 hours ago (1 children)

If it was a real virus, it wouldn't have to open a cmd window to do its thing.

[–] TrickDacy@lemmy.world 1 points 17 minutes ago (1 children)

Doesn't make it not a malicious thing though

[–] waigl@lemmy.world 1 points 5 minutes ago* (last edited 56 seconds ago)

Could be, could also be that there was some additional malware independently from that shell window.

A lot of the time with pirated games, this pop up shell is some kind of batch script applying some kind of hack or crack that disables the game's copy protection and makes it playable. If you want to know for certain, you will have to carefuly analyze the files you downloaded and figure out what exactly they do in detail.

Personally, I would never run pirated software on the same computer I use for important files or logins.

[–] sexy_peach@feddit.org 46 points 4 hours ago (1 children)

That could just be a patch routine to apply a crack, right?

[–] Zos_Kia@jlai.lu 33 points 4 hours ago (1 children)

Yes. A virus wouldn't pop a cmd, it has way better methods to gain privilege.

[–] wreckedcarzz@lemmy.world 24 points 2 hours ago (1 children)

Sounds like something a batch virus writer would say

[–] Zos_Kia@jlai.lu 4 points 26 minutes ago

Damn you got me :(

[–] AbsolutelyNotAVelociraptor@piefed.social 35 points 4 hours ago (1 children)

You just need to use trusted sources for your piracy and this will never happen. The rentry megathread is one of the best, but there's also fmhy. Both will tell you of the best sites to find your games.

[–] AwakeIce@feddit.org 8 points 4 hours ago (2 children)

What is the "rentry megathread" and where can I find it?

[–] vantablack@lemmy.blahaj.zone 3 points 7 minutes ago

https://rentry.co/megathread

[–] Lumun@lemmy.zip 10 points 3 hours ago (1 children)

It's at rentry dot org slash megathread. Good all purpose list, it's maintained by the subreddit

[–] vantablack@lemmy.blahaj.zone 1 points 8 minutes ago

rentry dot co, not dot org

[–] fartsparkles@lemmy.world 14 points 3 hours ago* (last edited 3 hours ago) (1 children)

I had to help a buddy pick up the pieces after he ran a pirated game which had, unbeknown to him, been bundled with an infostealer.

He saw a momentary CMD window too.

A couple of minutes after he ran the game, the infostealer had vacuumed up all his credentials saved in his web browser including the session token for Microsoft.

The actor behind it took control of his MS account and removed the account recovery settings he’d set (since with the session token, they didn’t even need to authenticate). Lost his email, cloud backups, Xbox everything, etc.

Microsoft weren’t much help but they did transfer his Xbox profile. Everything else, they wouldn’t help with.

Don’t run software you don’t trust, kids. At the very least run it in a sandbox or something and scan the files it unpacks with a security product or three.

[–] Droechai@piefed.blahaj.zone 4 points 1 hour ago (1 children)

I bet if he ran NetBSD he wouldnt have lost the information /joke

[–] fartsparkles@lemmy.world 4 points 1 hour ago* (last edited 1 hour ago) (1 children)

Funnily enough, given the payloads were .PS1 and .EXE, he probably wouldn’t have.

[–] Droechai@piefed.blahaj.zone 1 points 51 minutes ago* (last edited 50 minutes ago)

A windows (edit: Microsoft) session key would be a bit harder to extract though since he wouldnt use chromium

[–] halfapage@lemmy.world 10 points 4 hours ago (2 children)

Hey! My assigned win 11 work PC does that all the time!

[–] echodot@feddit.uk 3 points 2 hours ago* (last edited 2 hours ago)

Mine does too. Apparently it needs to remap the shared network drive on every boot. No idea why.

[–] blubfisch@discuss.tchncs.de 3 points 3 hours ago (1 children)

It may be a shitty virus...

[–] wreckedcarzz@lemmy.world 9 points 2 hours ago

shitty virus

w11

[–] stenAanden@feddit.dk 3 points 4 hours ago (1 children)

Is this always a virus? I used to have it a lot on my old computer 😅😅😅

[–] Hubi@feddit.org 8 points 3 hours ago

No, it's not necessarily malicious.