Cheat Engine

Davethewave · Posted: Fri Nov 11, 2005 10:57 am Post subject: Trainer Virus?

I recently was on my Linux OS (still am as I write this Wink

) and was performing a virus check via "Anti-Vir" and it scanned my Windows partition, it claims that a couple of my trainers I made "Contains signature of the dropper Dropper/Small.acc.2" and was wondering if this could be a mistake on AntiVir's part, or perhaps a method of coding used to develop the trainers? Or is it possible that a virus attached itself to my trainer programs (and some how did not attach to any other program)? Thanks.. Just curious Smile

Dark Byte · Posted: Fri Nov 11, 2005 11:03 am Post subject:

A couple? so not all?

I'd have to say it's a false positive. It's true that heuristics scan can see those trainers as a possible virus because the PE header hasn't been changed to incorporate the data it adds at the end of the trainer

thats why exe packers will mess up those trainers, but since the trainer stub is already packed (upx), thats no problem

Davethewave · Posted: Fri Nov 11, 2005 11:29 am Post subject:

Hi, thanks.. by couple I mean all: I only have a couple Wink

sorry I need to be more careful.

Davethewave · Posted: Thu Dec 01, 2005 8:04 pm Post subject:

I asked Antivir about it, sounds like they don't care either *shrug* I will just remove my antivirus software completely, not like I ever use it and these messages that pop-up are annoying.

cparty · Posted: Fri Dec 02, 2005 4:13 am Post subject:

As DB already said probably a false positive. It happens often for the above mentioned reason.
However for small files (like trainers) you can check them online with several engines:
http://virusscan.jotti.org/
if only a few of them alert you of a virus you can be pretty sure its a false postive.

Zhoul · Posted: Fri Dec 02, 2005 1:55 pm Post subject: