Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


OMG VIRUS!!!
Goto page Previous  1, 2, 3 ... 19, 20, 21 ... 33, 34, 35  Next
 
Post new topic   This topic is locked: you cannot edit posts or make replies.    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
Predatortank
Newbie cheater
Reputation: 0

Joined: 22 Dec 2010
Posts: 12

PostPosted: Mon Jan 10, 2011 11:27 pm    Post subject: Reply with quote

I have given up on my AV software. I had a virus a few weeks back that disabled my AV and every time i tried to open or change anything on my AV, the virus would crash my computer. It's honestly less of a hassle to just back everything up once a week, and now I can actually use CE without my AV freaking out on me!
Back to top
View user's profile Send private message
Dacnomania
Expert Cheater
Reputation: 1

Joined: 03 Sep 2010
Posts: 124

PostPosted: Tue Jan 11, 2011 3:43 am    Post subject: Reply with quote

I use avira. I just disable it every time I use a hacking program.
Back to top
View user's profile Send private message Send e-mail AIM Address
el_bartholomew
How do I cheat?
Reputation: 0

Joined: 13 Jan 2011
Posts: 1

PostPosted: Thu Jan 13, 2011 7:49 am    Post subject: Reply with quote

I have a problem when trying to download the new version

Microsoft gives me a warning that the content is not safe

is this a false positive?



ScreenHunter_01 Jan. 13 14.31.jpg
 Description:
 Filesize:  31.43 KB
 Viewed:  25211 Time(s)

ScreenHunter_01 Jan. 13 14.31.jpg


Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The netherlands

PostPosted: Thu Jan 13, 2011 7:53 am    Post subject: Reply with quote

false positive yes
Just report that the download is safe

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Geri
Moderator
Reputation: 111

Joined: 05 Feb 2010
Posts: 5636

PostPosted: Thu Jan 13, 2011 8:48 am    Post subject: Reply with quote

"The download website contains links to viruses"

WTF is that? How dare they say that it contains viruses? Do they have proofs? At least it should say "MAY contains links to viruses".

Because as I read this crap, every reported site is proven to be totally full of viruses.

If I would have a company or a large site and it would pop-up this shit to my site, I would fuckin sue them for accusing me without any evidence.

This just shows how retarded they are. If they are SURE of it, it should contain another link too where it is described what are these viruses doing EXACTLY. Without analyzis, they don't know anything and if they have analyzed it, why not publish the results?

_________________
My trainers can be found here: http://www.szemelyesintegracio.hu/cheats

If you are interested in any of my crappy articles/tutorials about CE and game hacking, you can find them here:
http://www.szemelyesintegracio.hu/cheats/41-game-hacking-articles

Don't request cheats or updates.
Back to top
View user's profile Send private message
Dacnomania
Expert Cheater
Reputation: 1

Joined: 03 Sep 2010
Posts: 124

PostPosted: Tue Feb 01, 2011 5:21 am    Post subject: Reply with quote

You go Geri . xP
Back to top
View user's profile Send private message Send e-mail AIM Address
scearezt
Cheater
Reputation: 0

Joined: 12 Feb 2011
Posts: 46

PostPosted: Thu Feb 17, 2011 7:06 am    Post subject: Reply with quote

'Couse it's a debugger... anti-virus programs detecting the changes of the executable files and other.... that's why your crappy scanner think it's a virus. Wink
Back to top
View user's profile Send private message
Geri
Moderator
Reputation: 111

Joined: 05 Feb 2010
Posts: 5636

PostPosted: Thu Feb 17, 2011 8:30 am    Post subject: Reply with quote

It also has many other features which may help to temper with the target process, not just debugging.
_________________
My trainers can be found here: http://www.szemelyesintegracio.hu/cheats

If you are interested in any of my crappy articles/tutorials about CE and game hacking, you can find them here:
http://www.szemelyesintegracio.hu/cheats/41-game-hacking-articles

Don't request cheats or updates.
Back to top
View user's profile Send private message
Burningmace
Grandmaster Cheater
Reputation: 5

Joined: 17 Feb 2008
Posts: 520
Location: Inside the Intel CET shadow stack

PostPosted: Sun Feb 20, 2011 8:44 am    Post subject: Reply with quote

This may have already been mentioned, but I would like to explain in detail why certain anti-virus programs do think CE is malware (a virus), and why they are wrong. Take heed to what I say, because not only do I have a lot of experience in malware analysis and programming in general, but also my final year project at university was writing a full AV program from start to finish. I will attempt to keep this simple at an overall level, but I will go into detail so you can really understand the issue. In case you think at any point that I am inferring that CE might have malware in it, I am absolutely not. Let me state it definitively: CE IS NOT MALWARE.

Your anti-virus program, along with any other program out there, is not sentient. It cannot think. It obeys a set of rules to classify incoming data into categories - safe, or one of the malware categories (e.g. trojan, worm, etc). To do this, it employs a few different techniques. I'm going to explain two of them, which apply most here.

Technique #1 - File hash
A hash is a checksum that sums up some data (e.g. a file) in some short way. Common hash algorithms are MD5 and SHA1, which take in some data and output a fixed-length value that is almost unique to that data. The same data in = the same hash out, no matter how many times you do it. AV programs have a huge database of the hashes of known malware files. Each scanned file will be hashed and compared against the database. If the hash matches an entry, the AV knows what malware it is and can look up the appropriate method to remove it. I would like to stress that CE is most likely NOT in this list for any AV. In fact I would be surprised if it is in any of these lists.

Technique #2 - Heuristics
Malware writers got wise to hash checks, so made malware that makes tiny modifications to itself that, whilst not changing how the program works in any way, alters its data and therefore changes its hash. In order to get round this and to detect new potential malware samples that it might not have seen before, it employs something called heuristics. What it essentially does is dissect the target program into its individual sections and header information, then examine each to discover what it might be doing.

In any program you have a set of calls to external functions (APIs) that tell the operating system what needs to be done. For example, you would want to close the program at some point - this is done with an ExitProcess call. When it is compiled, the program has information about these APIs embedded in them. This information doesn't say what the program is using them for (some APIs have multiple uses), so the AV must guess based on the other calls it has entries for. Certain API calls are often used for certain types of malware. For example, one might call SetWindowsHookEx to perform a keyboard hook to make a keylogger. However, this API is also used to provide global hotkeys in trainers and other programs. Depending on your AV software, the level of paranoia placed on certain types of calls is different.

CE uses a whole bunch of APIs that are also often used in a range of malware. This is why the CE program gets flagged as malware. CE also includes a driver to perform certain debugging and memory access operations, which is not signed by a trusted party. Driver signing is Microsoft's way of saying "this driver is safe and trusted", which is why major device manufacturers sign their drivers. However, driver signing is very expensive, hence CE doesn't have it. This means the AV program sees some application that uses some suspicious APIs and tries to install an unsigned driver. If this were malware and the AV didn't block it, your system is pwned with a rootkit and you'd lose confidence in your AV, and therefore wouldn't buy their products any more. It's a business decision. There's no such thing of giving potential malware the benefit of the doubt.

The sane thing for any AV vendor to do is to put CE on the "not malware" whitelist or allow users to manually whitelist the CE program, but, as we all know, people aren't sane.

Hopefully this clears things up a bit.

_________________
It's not fun unless every exploit mitigation is enabled.
Back to top
View user's profile Send private message
Geri
Moderator
Reputation: 111

Joined: 05 Feb 2010
Posts: 5636

PostPosted: Sun Feb 20, 2011 2:51 pm    Post subject: Reply with quote

I agree with most of this but I think You are not completely right in the first part where You assume that CE is not listed as a malware for AV companies. They indeed attack CE not because it is a malware, but because it is a "hacking" software. Probably they do this for money. As for why do I think that, here are 2 of my "tests" about CE and AV detections.

1. I have uploaded a CE made trainer months ago to virustotal and only a few of the AV's has detected "virus" in it. Then a few weeks later, I have tested the same untouched file, with the same MD5 hash (even virustotal has detected that this file with this same hash has been tested before) and now at least 3 times more AV scanner has detected virus in it. What has been changed in the file? Obviously nothing, the hash was the same etc. So what other things are changed? Some Av companies "figured" that CE trainers that were harmless before are now malwares. Ridiculous. It is clear that they manipulate the users and give fake results regarding CE for whatever business reason. They do what they are paid for, to scare people away from CE.

2. If You change the Cheat Engine strings in the exe file, only one AV will think it is still a virus and all others will just leave it alone. Reason? The content is the same, only the Cheat Engine string is missing and the hash of course is different. This seems to prove that they are targeting CE specificly, not because of it's functions.

And as for a bonus,
3. CE 6 has even more features, yet it is not detected as a virus because they did not have time to gang up on it like they did with previous versions.

In summary, my opinion is that AV companies are unethically trying to control people. They know it is not a virus as not the features are causing the problem but their blacklists. And we all know that it is easy to put someone on that list for the right price. As You have said, it is just business and CE is a free software so "big and professional" gaming companies are not just trying to detect CE with their anti-cheat stuff but they also use other methods to scare away people from ever installing CE.

All of these proves one thing for sure:
CE is not just not a malware, but also one of the most advanced reverse-engineering tools ever made and it is so cool, that others are "afraid" from its power. If it would be a crap, no one would care about it but we all know that many games are directly searching for CE and I don't think those companies are so poor that they cannot afford to buy some "support" in their anti-cheat engine project from AV companies.

It is this simple, they are afraid from CE users because CE rocks.
At least that's my opinion.

Btw. Your article/post is very good, I totally agree with the rest of it.

Peace!

_________________
My trainers can be found here: http://www.szemelyesintegracio.hu/cheats

If you are interested in any of my crappy articles/tutorials about CE and game hacking, you can find them here:
http://www.szemelyesintegracio.hu/cheats/41-game-hacking-articles

Don't request cheats or updates.
Back to top
View user's profile Send private message
Geri
Moderator
Reputation: 111

Joined: 05 Feb 2010
Posts: 5636

PostPosted: Wed Apr 13, 2011 11:50 am    Post subject: Reply with quote

It isn't a problem. If you don't want it, just don't install the recommended program. If you want to support Dark Byte, then install it. That's all.
_________________
My trainers can be found here: http://www.szemelyesintegracio.hu/cheats

If you are interested in any of my crappy articles/tutorials about CE and game hacking, you can find them here:
http://www.szemelyesintegracio.hu/cheats/41-game-hacking-articles

Don't request cheats or updates.
Back to top
View user's profile Send private message
Gothantic
How do I cheat?
Reputation: 0

Joined: 18 Apr 2011
Posts: 5

PostPosted: Mon Apr 18, 2011 6:06 pm    Post subject: Reply with quote

I love kids who say they have norton antivirus and that it said cheat engine is a virus.

Try to remove your norton antivirus some day.... its worse than dealing with an actual virus.
Back to top
View user's profile Send private message
Saric
Advanced Cheater
Reputation: 20

Joined: 20 Jul 2008
Posts: 61
Location: Somewhere. Over teh rainbow.

PostPosted: Mon Apr 18, 2011 7:01 pm    Post subject: Reply with quote

Gothantic wrote:
I love kids who say they have norton antivirus and that it said cheat engine is a virus.

Try to remove your norton antivirus some day.... its worse than dealing with an actual virus.

I used norton before, and it never had a problem with me having cheat engine.
Back to top
View user's profile Send private message
Lukong
Newbie cheater
Reputation: 0

Joined: 21 Feb 2011
Posts: 17

PostPosted: Wed Apr 20, 2011 9:24 pm    Post subject: Reply with quote

chewbacca_teh_haxz0r wrote:
'retarded idiot'

Rofl.. Nice one, What dip doesn't understand that it's not a virus...?
Anyways, thx for the solution, I used to just drag the neverending warning pop-ups to the side of the screen, that fixes that.

Ty.
Very Happy


The type of dip that thinks your going to get arrested for Hacking a game.

Saric wrote:
Gothantic wrote:
I love kids who say they have norton antivirus and that it said cheat engine is a virus.

Try to remove your norton antivirus some day.... its worse than dealing with an actual virus.

I used norton before, and it never had a problem with me having cheat engine.


Yeah tell that to my Norton which I had to shutdown all its functions also for the People who try to remove Norton or anything for that matter, make sure that the Program itself is shutdown before uninstalling it.

Norton goes by the name of ccsvchst.exe in the Processes also use CE 5.6.1 to find the icon that matches the program your trying to shutdown then use Task Manager to shut it down.

Geri wrote:
I agree with most of this but I think You are not completely right in the first part where You assume that CE is not listed as a malware for AV companies. They indeed attack CE not because it is a malware, but because it is a "hacking" software. Probably they do this for money. As for why do I think that, here are 2 of my "tests" about CE and AV detections.

1. I have uploaded a CE made trainer months ago to virustotal and only a few of the AV's has detected "virus" in it. Then a few weeks later, I have tested the same untouched file, with the same MD5 hash (even virustotal has detected that this file with this same hash has been tested before) and now at least 3 times more AV scanner has detected virus in it. What has been changed in the file? Obviously nothing, the hash was the same etc. So what other things are changed? Some Av companies "figured" that CE trainers that were harmless before are now malwares. Ridiculous. It is clear that they manipulate the users and give fake results regarding CE for whatever business reason. They do what they are paid for, to scare people away from CE.


One problem Anti-Virus Software itself can be cracked and some like Adware which don't have some needed features like Norton could let you choose whom to keep and whom to let go.

The worst part about the rest of what your saying is How Gaming Companies have anti-cheat methods, in the sense of worst I mean true.

The other day I was hacking [Finding a value] in a Sequel to a game [Runefactory 3] for some reason it was very difficult to find any values unlike before.
In Runefactory 2 I was able to find values for Items, Money, HP, RP and even the items in the Hand so I could drop any item in the inventory, but in this one its way more difficult to find a single value.

When you think about it SWF/Browser games are also tricky. There values are multiplied by 8.
I was play a game called Phantasy Star 0 on the a DS emulator, I later realize that all the values were multiplied by 64, so even though I knew the limit for an item was 99 and scanning Value type 1 Byte, I was way off.

Some game companies are ahead or using different Value types because games like Pokemon or MegaMan on the GBA can not have the Money simply changed and that is the easiest value to find.
Back to top
View user's profile Send private message Send e-mail
maikkano
How do I cheat?
Reputation: 0

Joined: 13 May 2011
Posts: 1

PostPosted: Fri May 13, 2011 1:46 pm    Post subject: Reply with quote

Burningmace wrote:
This may have already been mentioned, but I would like to explain in detail why certain anti-virus programs do think CE is malware (a virus), and why they are wrong.

[...]

The sane thing for any AV vendor to do is to put CE on the "not malware" whitelist or allow users to manually whitelist the CE program, but, as we all know, people aren't sane.

Hopefully this clears things up a bit.


hi.

I came to download a script to mount&blade and came to this post when d/loading CE6.0.
I've registered in this forum only to show my thumbs up to the user who wrote this. it was f-ing amazing.
probably I'll not be around here again but I felt it needed to be said.

best regards
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   This topic is locked: you cannot edit posts or make replies.    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Goto page Previous  1, 2, 3 ... 19, 20, 21 ... 33, 34, 35  Next
Page 20 of 35

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites