Introductory question from a new member
 

Hi, I'm new.:)

I was wondering how you guys can assure people that the patches cracks etc on the site are safe. Do you test them? I was referred here by a friend. He speaks quite highly of the site. It was quite a shock to me, the fact that I'd never heard of the site before. Quality no-virus, no-trojan sites are scarce, as we all are aware.

Thanks

Noob

You can never be 100% sure all files will be safe, there is not one Anti Virus program out there that knows all virii. For example, well known virii will get picked up easily or soon enough, but home made which were only used on a few people will have a high chance of not being recognised.

But be assured im sure admin take every steps to make sure files offered have no virus/trojan infections.

And what type of sites are you referring too about Quality sites?

Apparently, so far only benevolent people uploaded virus-free, quality material to GCW. Let's hope it stays that way...

In any case the scarce few times that one has been infected it´s reported in the forums and if right removed right away from the site, although most of the times it´s false alarms.

and, you should ALWAYS virus scan something you download.. REGARDLESS of the source.. because even if you got a file from a trusted friend, theres NOTHING to guarantee they mightn't be infected with something and not know about it...

also bear in mind some anti virus programs are crap (norton...) and some have many false positives, so its best to check on the forums if you find anything.. and also possibly checking the file on an online scanning service like virustotal.com to see how many other virus programs detect it...

some trainers for example raise false positives with quite a few anti virus programs due to them using dll's to do windows keyboard hooks (and other things).. so in some cases you will have to disable the anti virus to run a trainer..

also (off topic slightly) but NOD32 is now responsible for blocking the next release of ProtectionID due to one of their shitty signatures (which i have fully documented and tested).. i've emailed them about it, and once its fixed (and once cdkiller comes alive again) there will be a new public version :)

Thanks for the reply
 

@Luciel

Hehe, thanks for the kind words.;) I'm no poet, nor a writer, although I am a strong believer in quality forum language usage.

@Tippex

Hehe, I know a programmer when I see one...

@All

Are virus programs able to detect virii even if you haven't, for say,
executed a EXE?(The virus hasn't been activated/initialized)

the online ones are, virustotal definately does, when i was trying to 'fix' the nod32 issue i used their site lots, patching the exe, uploading, changing code, compiling, uploading .. about 80 times, then i tracked down the exact block of code that caused the false positive...
i then encrypted the procedure so it wasn't 'visible' (not even the api names were visible), yet nod32 through virustotal still saw the code.. so it has to be executing it... from this i was also able to determine that the server they are running on is 64bit ;)

so, for overall ease, i'd really recommend using virustotal.com to do the scanning as it covers a lot of antiviruses and seems to be pretty decent.. and free which is rare these days (and nope, im not affiliated with them in any shape or form... nor do i really consider this advertising) :)

No offence Nihilanth, but if you look closer, that´s my signature, not part of the post ;)

Lol
 

Haha, sorry Luciel, guess the age gets you sometimes(And the fact that I dont load images while browsing

I think you expect it to get fixed soon. I reported them collision with some other software a few years ago and, when I managed to find out the details, they had it fixed within a week or something. And my NOD32 wasn't even registered, although they also profited from fixing a bug in their own software. In short: nice, helpful people!

yup, they seemed responsive to my email, its just unfortunate they used a crappy 'signature'.. put simply my code does a GetProcAddress sort of loop to find x64 specific api addresses relative to file shadowing and registry reflection (which is only on x64).. and this i think is perfectly normal, however they flag it as virus like.. they'll get the files from me friday or so, with a full breakdown then hopefully they'll fix it before pid gets release, because (for me) any virus warning, even a false positive isn't really good for release as it can cause a lot of panic

No prob :D

its like in the medical world, a disease comes first before the cure is found.