Reply 20 of 56, by BEEN_Nath_58
- Rank
- l33t
I would usually stick to the popular scenes only: don't know if they had ever put viruses in. But for whoever experienced, what effects did the virus have?
previously known as Discrete_BOB_058
I would usually stick to the popular scenes only: don't know if they had ever put viruses in. But for whoever experienced, what effects did the virus have?
previously known as Discrete_BOB_058
Whenever my virus killer says something is infected, I always double check it with the brilliant VirusTotal (https://www.virustotal.com/gui/home/upload), the online virus checker that polls more than sixty virus checker engines ,including Kaspersky, BitDefender, Avast, Malwarebytes, SuperAntiSpyware Sophos, ClamAV, McAfee, Symantec, etc. The list also includes 'Microsoft', which I assume means their AV checker Defender.
leileilol wrote on 2024-04-03, 00:30:It's more out of paranoia of compressed binaries than anything. The scene tends to have a habit of shrinking things (SMALLER iS BETTER) and viruses love the same benefits of code obfuscation mutually.
Oh, I hadn't thought of that, but it does make sense.
chinny22 wrote on 2024-04-04, 04:28:leileilol wrote on 2024-04-03, 00:30:The scene tends to have a habit of shrinking things (SMALLER iS BETTER)
I wish all software developers still thought like this like they once did. Even though total HDD space went backwards when SSD's became mainstream programs still like to eat up more and more disk space.
Yes, and it's really annoying. But gamers want ever better graphics, so more and more data needs to be stored.
eddman wrote on 2024-04-04, 10:51:Shagittarius wrote on 2024-04-04, 07:36:Personal experience first hand but you know, FAFO. This was not even detected at the time by Anti-virus.
Do you remember for which game it was? Was it made by a known group or generic/unnamed?
Was it really a virus or one of those false positives?
This was somewhere around 2000, I was using Win98. I believe all of the cracks were from a certain well known site which I will not repeat here, but is still around today. I had just gotten a larger HDD and decided I was going to put as many of my games as I could on my HDD with no-CDs so it would be super easy to play them. That system was compromised and I realized it by the next day. The virus detector never warned me about anything, and this was the last time I ever trusted a no-CD crack. I couldn't tell you which game it was as I installed a bunch of cracks at the same time and it wasn't until the next day I realized it was infected. This was the one and only time I've ever gotten a virus.
Must've been a rare case. I've used hundreds by known names and it's been fine.
If I had to guess maybe a fake file was posted on the site, either by accident or by a rogue staff.
Same. I've been using cracks on my games for 34+ years.
Block all ads.
Only grab files from approved sources.
Use a secure os and security software.
Manually scan all downloads.
Occasionally I'll debate setting up a separate machine in a secure vlan just for that purpose but has never been necessary.
Recently confugured my firewall so I have to allow list everything I want to access.
Its nice to hear you guys conveying a positive experience, I'm just too traumatized to trust them anymore =)
DosFreak wrote on 2024-04-04, 16:43:Only grab files from approved sources.
I wish I knew of a good source for such things.
I hope nobody actually replies with a link to one, I don't want to get anyone in trouble! 😁
Recently confugured my firewall so I have to allow list everything I want to access.
What happens when you do a web search, you have to add every result you want to look at to an approved list!?
My paranoia has sometimes extended to disassembling to see what seems to have been changed by the patch. I came to post because I just ran across a tool that would apparently make that easier: https://zynamics.com/bindiff.html I haven't looked at it very closely yet, but I found it from Tavis Ormandy's twitter, so I guess it's probably reputable.
As far as approved sources I mean by those sites that the community uses and not sketchy sites with popups and such that make you think you are downloading what you want but it's actually a PUP or worse.
So I use noscript on my desktop browsers and phones and for those websites I "trust" (only what is actually needed to load the site) in noscript I've exported that to my FW to allow those sites.
As far as searching then as far as noscript and the FW is concerned it's just google.com or whatever search site but yes if you click on a link to a site that's not allowed then it'll be blocked....as it should be.
May I chime in here and say that I started a small project to remove Copy Protections from MS-DOS Games if there:
a) Is no Crack available
b) A Crack has been available in the past but is hard to find
c) There is only a TSR Patch available
d) Game is on GOG but Manual Protection has not been patched
I‘m using xdelta diff patches for this as well. If you want to take a look, please tell me - i dont want to come across as wanting to spam my project.
Thanks!
DosFreak wrote on 2024-03-28, 10:38:A lot of them were unplayable on release or caused OS issues if you were lazy enough not to crack them as you should. 😠
Legally I've been looking into putting xdelta diff's onto github because as far as the DMCA is concerned its legal (until someone with enough money sues or the DMCA changes). So a diff or a patcher for a work where the "technological measure" no longer effectively controls or protects and where the usage of copyrighted works is only a 'part' so no sharing of modified binaries and copyrighted non drm files are allowed. Keep in mind that laws are different per country.
I agree that it does vary from country-to-country. However, if the company has went out of business 20 or so years ago, or if the game no longer is sold on storefronts such as GOG or Steam, then it's unlikely that they will care nonetheless.
But do keep in mind that piracy is illegal, and it is only suggested that you use no-CD cracks for the games that you have backed up yourself. But hey, that's entirely up to you.
BEEN_Nath_58 wrote on 2024-04-04, 13:31:I would usually stick to the popular scenes only: don't know if they had ever put viruses in. But for whoever experienced, what effects did the virus have?
Scan them with VirusTotal and it'll tell you whether its safe or not.
gamecopyworld?
BEEN_Nath_58 wrote on 2024-04-04, 13:31:I would usually stick to the popular scenes only: don't know if they had ever put viruses in. But for whoever experienced, what effects did the virus have?
Usually it wasn't the problem with the release by it self. But the distribution from different web sites that could infect the patch.
I have one old external HDD that had many different patches and once I connected it to the Windows 10 machine. Defender started scanning it and removed pretty much every patch from it before I realized 🙁
Requests here!
ala_borbe wrote on 2024-08-01, 11:04:gamecopyworld?
GameCopyWorld is safe. I've been using this site for years and years, it's a great place for finding old PC game cracks.
stoney1981 wrote on 2024-07-31, 00:51:May I chime in here and say that I started a small project to remove Copy Protections from MS-DOS Games if there:
...I‘m using xdelta diff patches for this as well. If you want to take a look, please tell me - i dont want to come across as wanting to spam my project.
You might also want to contact PCGamingWiki. Although they mostly do not allow protection-removed exe files, xdelta patches are generally not an issue.
TheWiredIsUponUs wrote on 2024-08-01, 23:00:ala_borbe wrote on 2024-08-01, 11:04:gamecopyworld?
GameCopyWorld is safe. I've been using this site for years and years, it's a great place for finding old PC game cracks.
Is it? The last few times I attempted to find no-cd's for old games on there, purely for the convenience of not having to swap CDs all the time, ESET NOD32 went ballistic on nearly every file I downloaded. Could have been false positives, but honestly, I'm not a kid anymore, I have a lot more of my life (work, finance) on my PC, and I just don't feel like rolling the dice on viruses.
Win95/DOS 7.1 - P233 MMX (@2.5 x 100 FSB), Diamond Viper V330 AGP, SB16 CT2800
Win98 - K6-2+ 500, GF2 MX, SB AWE 64 CT4500, SBLive CT4780
Win98 - Pentium III 1000, GF2 GTS, SBLive CT4760
WinXP - Athlon 64 3200+, GF 7800 GS, Audigy 2 ZS
Namrok wrote on 2024-08-02, 12:25:TheWiredIsUponUs wrote on 2024-08-01, 23:00:ala_borbe wrote on 2024-08-01, 11:04:gamecopyworld?
GameCopyWorld is safe. I've been using this site for years and years, it's a great place for finding old PC game cracks.
Is it? The last few times I attempted to find no-cd's for old games on there, purely for the convenience of not having to swap CDs all the time, ESET NOD32 went ballistic on nearly every file I downloaded. Could have been false positives, but honestly, I'm not a kid anymore, I have a lot more of my life (work, finance) on my PC, and I just don't feel like rolling the dice on viruses.
False positives are very common for files that have been run through an executable compressor, as these kinds of tools are also used by malware creators toake their malware smaller in size (this us mentioned earlier in the thread, AFAICR). Such executable compressors are also used in the demo scene, which often leads yo false positives as well.
I personally would not trust the opinion of a single antivirus. The previously mentioned Virustotal online scanning tool allows one to test against dozens of the vmost popular antivirus applications and get a more complete perspective. Another thing Virustotal has is a history of when a file was first scanned by it (based on calculated hashes).
My perspective : If a file was first scanned over 10 years ago, for example, has not changed since (same hash) and 90% of the world's most used antivirus applications still think it's fine, either the outliers are seeing a false positive OR the majority of vendors are incompetent for not having seen an issue in 10+ years. In all likelihood, IMHO, false positives are much more likely in such a scenario. The counterpoints to this are that hashes are not foolproof as an identification mechanism (some algorithms are easier to fool than others) and the relatively low popularity of some files makes it possible that at least some actually malicious ones might have flown under the radar of otherwise competent antivirus vendors.
Additionally, keep in mind that the reason that an antivirus flags a file for can be significant. If the detection is based on heuristics and the antivirus does not actually tell you what specific malware was detected, what it actually does (or can do) and only gives vague/generic warnings, the likelihood of a false positive is probably quite high.
That being said, it is good to be cautious, so using a dedicated retro/gaming machines with nothing important on them and on an isolated network is a good precaution, IMHO.
In the end, nothing is every really absolutely certain and a file could be flagged by every vendor and still be a false positive or it could be deemed safe by all of them and still be malicious.
IMHO there are purposeful false positives. Effectively that.
Imagine MegaCorp Security Suite v23.45 decides any file that might remove CD checks from EA games, and any keygens for desktop software made by Adobe, is "potentially unwanted". When the shareholders of EA and Adobe are a lot of the same entities, the publishers of an imagined MegaCorp Security Suite would have shares owner by mostly the same groups. Private equity, very rich people, hedgefunds, pensions, VC, etc..
Anti-virus has effective false positives because of conflicted interests based on profit seeking. Or greater, rent-seeking by industrialists and finance.
The "potentially unwanted program" is the rhetorical trick: unwanted by who? Generally the user does want that file, and if is a keygen or noCD then of course software publishers would prefer the user not to have that file. Not because the user will then buy the actual product, but because the user just might spend on anything new. Reusing old stuff, and noCD cracks is an example of doing that, does not fit with consumption and churn.
Namrok wrote on 2024-08-02, 12:25:ESET NOD32 went ballistic on nearly every file I downloaded.
Just disable option for detecting "potentially unwanted software". Easy.
Doom is what you want (c) MAZter
To anyone writing me a private message abt my project. I‘m not able to write PM yet in this forum, so please check Website on my public profile.