3 New Notifications

New Badge Earned
Get 1K upvotes on your post
Life choices of my cat
Earned 210

Drag Images here or Browse from your computer.

Trending Posts
Sorted by Newest First
M
Maxis1977 11.11.21 10:41 pm

Antivirus sees viruses in trainers, scripts, cracks

Why, for example, when I want to download a trainer, does the antivirus block it as a threat and see it as a Trojan or virus? What does this mean? Are there any viruses on this site? I have Avast Premier
18 Comments
Sort by:
V
VITYA_KOLYADENKO 11.11.21

baskspace2014
Antivirus can see something in the trainer, but not every one and not every one. Have you tried to add a specific sample to the exclusions of only file antivirus and see if there will be a reaction of proactive protection? Have you tried looking at the VirusTotal result? Maybe someone detects it just as PUP?

D
Denis Nikonov 11.11.21

Why the antivirus sees it this way - only the developers of this antivirus will answer.

Crack, keygen can be packaged, encrypted, and antivirus can react.

When you install an antivirus, and it says "a threat has been detected," and you do not believe the antivirus (believe that it is not a threat), then why did you install ??

As I noticed, Nod, Kaspersky and Doctor Web usually do not swear at such software if this software does not perform destructive actions (steals passwords from the browser, encrypts files and demands a ransom for decryption, etc.) the

antivirus should work for such actions. ...
A normal antivirus should fail if the program is not malicious. If the heuristic analysis is wrong, it is still forgivable, but when you turn off the heuristic and the antivirus still writes "Trojan, malware", I personally want to install a different antivirus. The Trojan is not there with a 99% guarantee.


Saleswoman SonyK. what did you say - about signature analysis, heuristic analysis or proactive / preventive / activity monitoring? I understand that he was talking about signature and heuristic analysis.

By the way, baskspace2014 apparently wanted to say that the antivirus swears when the trainer has not yet been launched. And the trainer has not changed anything yet or "froze" in RAM, and the antivirus is already cursing (as I understand it, the file antivirus).

V
VITYA_KOLYADENKO 11.11.21

Denis Nikonov
And the trainer hasn't changed anything yet or "froze" in RAM, and the antivirus is already cursing (as I understand it, a file antivirus).

Have you personally tried to add at least 1 trainer to the exceptions, but only file antivirus? And for example, does your antivirus react to ArtMoney (in the sense of being proactive)? In theory, if he reacts to Artmani, then he should have responded to the trainer. But, probably, the trainer does not freeze anything, but only activates the built-in cheats of the game.

D
Denis Nikonov 11.11.21

In theory, if he reacts to Artmani, he should have responded to the trainer. But, probably, the trainer does not freeze anything, but only activates the built-in cheats of the game.

Dear, read carefully what I wrote. I repeat. There is a file called "game_trainer.exe". It was downloaded to the Trainers folder. Just downloaded the file. The "file antivirus" component scanned the file and this component imagined a threat. The file has been added to the exclusions of the "file antivirus" component! Launch is now allowed.

We start the trainer, and now the PROCESS is working (this is not a file already). This process also does nothing for now, and the proactivity is silent. The game is running, we press the "eternal patrons" button in the trainer, and the "game_trainer.exe" process injects the code into the "game.exe" process (that is, the game).
- allow and write the event to the log
- request the action "allow injecting code into another process?"
- prohibit the injection of code into another process

A
Aziz16 11.11.21

this is normal

R
Razor12345 11.11.21

"Antivirus sees viruses in trainers, scripts, cracks" - and what? just do not use this rubbish and all the cracks and scripts will be fine. Personally, I have never (tufutfu) caught something like a banner or something critical, and I see no reason to put a-vir on a computer, hemorrhoids from them only and viruses will be missed by one fig.

V
VITYA_KOLYADENKO 11.11.21

About false alarms of almost this kind "Release an update with a false detection on important system files." My antivirus managed to detect 2 files from the THIRD WARCRAFT - WorldEdit.ekze and Frozen Tron.ekze. The detections have already been fixed (appeared in January 12 and May 13).

V
VITYA_KOLYADENKO 11.11.21

Denis Nikonov
- allow and write event to log
- request action "Allow injecting code into another process?"
- prohibit the injection of code into another process.

If I could find a log of such allowed threats. Don't want to check Crisis 2 or Crisis 3 on the trainer?

D
Denis Nikonov 11.11.21

Personally, I have never (tufutfu) caught something like a banner or something critical.

You were just lucky, and in these programs there was no "banner or something critical thread." Someone is lucky, and his virus does not bother. And someone is unlucky.

If I could find a log of such resolved threats at my place.

Put Kaspersky (program control, interactive mode), or Malware Defender and everything will be controlled there - if you want, track the introduction into the process, if you want - direct access to the HDD, etc. Start the game, the trainer and you will see for yourself what the trainer does, when he does, and what he does not do.

I am more annoyed by false positives (because of this, I have little confidence in antivirus), when the "File Antivirus" component writes a "trojan", swears at a crack, a trainer. There is no trust in Avast, he can also detect a broken virus (non-working viruses).

By the way, Nod usually writes "Keygen", "Trainer", potentially dangerous software. That is how I like him. Avast calls everything Malware.

baskspace2014 wrote
What does this mean? Does this site have viruses?

Someone believes that there are, someone believes that there are no viruses. He believes in what he wants.

V
VITYA_KOLYADENKO 11.11.21

Denis Nikonov,
he can also detect broken "viruses" (non-working viruses).
Both my antivirus and Kaspersky can detect them. The problem is that only 1 out of 1000 of these files are launched at all. If Kaspersky finds something from this set in the trainer:
1) IRC-Worm.DOS;
2) Virus.DOS;
3) Virus.Win16;
4) VirTool.DOS (someone calls the driver with the word VirTool: WinNT / Ldpinch);
5) Trojan.DOS.

Then you definitely don’t believe it, because probably even DosBox will not start it.

D
Denis Nikonov 11.11.21

If I could find a log of such resolved threats at my place.

Kaspersky has it in the Application Control component. You can control anything. The magazine is there too.
And Malware Defender also has a magazine, so you can also control whatever you want.
And if antiviruses swear - for a reason? Maybe there is a stealer (for example, stealing accounts) in a trainer, a crack. Please note that I wrote "maybe there is a stealer", not "definitely is".

If Kaspersky is worth it, you can just put the trainers in the "Strong restrictions" group in the program control, allowing "code injection" on the "rights" tab. Even if the trainer is viral, it is unlikely to be able to harm.

S
Sayway 11.11.21

I have an antivirus avast 2011 offline installation, it catches everything, it helps me catch files infected with xpack gen trojan is a virus that pulls viruses from the Internet, which sometimes get on a computer through the browser cache to mozilla firefox create a blue screen for me, so this virus does not only in trainers and cracks it comes across, but also during the installation of unpacking compressed repacks of games, at the beginning of the installation, sometimes the repack unloads precomp, unarc and other files for unpacking, they are sometimes infected, but not always, it is important to clean the virus from your computer after installing the game or it is better to download a torrent game (license) with a clean, virus-free crack or nodvd and live peacefully without blue screens.

avira antivir personal en Antivirus (2011) Catches everything, is simple and lasts a whole year without annoying calls for registration or purchase. Other versions or antiviruses are nothing compared to it. Fresh freshness Kaspersky will say that everything is clean even when you have a blue screen and viruses in the cache of the Mozilla, but Avast 2011 will erase all viruses even from the cache and blue screens will disappear from your life, download repacks and licenses with cracks and trainers as much as you like. will see and help you find a clean version of the game or program.

I wish all creators of trainers and crackers with viruses to kill themselves against the wall and thus make the world cleaner.

V
VITYA_KOLYADENKO 11.11.21

Sayway
which sometimes getting to the computer through the browser cache
I assume that downloading files there does not depend on viruses itself. Or another Trojan downloads files by itself, visiting individual sites.
But, I think that the files in the cache are not executable at all and are only traces of infection.

V
VITYA_KOLYADENKO 11.11.21

Sayway
I have seen many times about problems with unarc.dll. The first time this problem came out yesterday (the image used before), but the second installation everything was fixed.

s
sasha-as 03.01.22

Yes

k
kuniliber 07.02.22

Create a folder for games and add it to the exclusions. When installed in this folder, the antivirus program will not swear.

R
Rasul_92 05.05.22

so much chatter and no one helped

S
Savok179 17.11.22

I have KIS. He also swears at trainers. I set the control mode to manual and now KIS always asks what to do with this trouble. I add the file to trusted ones at my own peril and risk. I don't know how to be with other antiviruses.