this post was submitted on 13 Jul 2024
64 points (90.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54577 readers
222 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

Most antivirus I tested, even the paid ones, are so annoying with popups and complaining about cracks that I just take the risk and go without em

all 46 comments
sorted by: hot top controversial new old
[–] [email protected] 60 points 4 months ago (3 children)

Have you considered getting NordVPN? A YouTuber told me it protects against 100% of hackers

[–] [email protected] 46 points 4 months ago

Hilarious that people can't tell this is sarcasm.

[–] [email protected] 26 points 4 months ago

just like our sponsor - nordvpn™️. I use nordvpn™️ to protect against hackers when using public wifi - and now you can too with the code ‘myballs’ - get 99% off a one year subscription to nordvpn™️ today

[–] [email protected] 17 points 4 months ago* (last edited 4 months ago)

Wow that's so Narwhal Bacon, I heard about NordVPN while watching my daily Skibidi Raid Shadow Legends content while eating my World of Tanks themed Factor meal with extra soy while trying to ignore my dad beating my mom after his BetterHelp appointment

[–] [email protected] 44 points 4 months ago

You're not going to find an AV that doesn't flag modifications as virus/malware. That's kind of the definition of malicious behaviour by a program.

Hell, Windows itself will overwrite changes you make to certain exscutables/dll's, etc, with its own file protection system.

Test your cracks in a VM. Then use them as needed, or do the cracking in a VM.

[–] [email protected] 20 points 4 months ago (1 children)

How do you know they're false positives?

[–] [email protected] 10 points 4 months ago* (last edited 4 months ago) (2 children)

Windows defender claimed they're bad because they are cracks, and doesn't mention any reason it thinks that would be a virus/trojan or something I dont want

"HackTool:Win32/crack" from games downloaded on fitgirl repacks site (the correct one)

[–] [email protected] 23 points 4 months ago (1 children)

Isn't that a matter of behavior? The crack is doing something expected from a crack and the system warns you because most wouldn't use it without being aware. If you really trust the file, add it as an exception.

Or do you want a software that can vet good cracks from bad cracks?

[–] [email protected] 0 points 4 months ago (3 children)

I think the point is that it's a bit silly to classify cracks as malware

[–] [email protected] 12 points 4 months ago

Cracks modify executables...classic malware/virus behaviour. Almost the definition of malware.

Which is why windows uses a file protection system since at least XP

[–] [email protected] 12 points 4 months ago

Enterprise antivirus products have had PUP (Potentially Unwanted Program) category forever. Seems its categorized as "HackTool" so not malware.

[–] [email protected] 5 points 4 months ago (1 children)

Not at all, a crack does something to an executable file that you use. Malware would do the exact same thing.

[–] [email protected] -1 points 4 months ago* (last edited 4 months ago) (1 children)

But you generally want that crack to do something to an executable. Do antivirus etc. tools just heuristically flag everything that looks like it modifies an executable? Lots of legitimate dev tools do that too, so it seems like it'd give a lot of false positives, but I haven't used Windows in ages so 🤷

[–] [email protected] 6 points 4 months ago (1 children)

Well, how is the system supposed to know that you want the crack to do something to that executable? The anti virus just sees something is happening and flags it. It does not see a difference.

[–] [email protected] 1 points 4 months ago

I definitely get what you mean, I just have no idea if antivirus tools flag anything that looks like it modifies executables. My edit to the comment you're replying to may not have propagated to your instance yet, so here's what I added:

Do antivirus etc. tools just heuristically flag everything that looks like it modifies an executable? Lots of legitimate dev tools do that too, so it seems like it'd give a lot of false positives, but I haven't used Windows in ages so 🤷

[–] [email protected] 10 points 4 months ago

Windows defender only lets you whitelist by file, folder, or process. You could whitelist a specific folder, but if you want to whitelist by category you'll have to use a different antivirus product.

[–] [email protected] 15 points 4 months ago

https://virustotal.com/

Most antivirus software is more sketchy than random cracks.

[–] [email protected] 13 points 4 months ago* (last edited 4 months ago)

i don't think that's possible mate for 2 reasons :

  • software companys pay antivirus software makers to flag and remove game cracks
  • cracks use obfuscation and workaround techniques that are similar to whats used in viruses so most flag them as mallisious
[–] [email protected] 10 points 4 months ago* (last edited 4 months ago)

So what you are saying you want a shitty AV that would not recognize a potentially malicious executable? Any normal AV should flag crack as a potential threat due to what it does.

Stick with Defender and whitelist executables you trust. This is computing 101.

[–] [email protected] 7 points 4 months ago (1 children)

If u are on Linux I recommend using firejail on the executable

[–] [email protected] 10 points 4 months ago

Obviously he is not on linux

[–] [email protected] 6 points 4 months ago

malwarebytes will flag cracks like all the others but when I used to clean computers for a living, it rarely gave a false positive and found the most bullshit on Windows pcs. This was a few years back so I don't keep up with how it is these days.

[–] [email protected] 6 points 4 months ago

ClamAV is an open source antivirus

https://github.com/Cisco-Talos/clamav

[–] [email protected] 5 points 4 months ago* (last edited 4 months ago) (1 children)

Use the megathread, it has lists of trusted providers (goat symbol).

Of course, that's not good enough, so my "antivirus" is to use an entirely separate device for gaming/piracy and a lower power device for production and work. If my gaming device gets compromised, the attacker will just know how many hours I spend in vampire survivors :)

[–] [email protected] 4 points 4 months ago

the attacker will just know how many hours I spend in vampire survivors :)

You could prevent this by telling us now.

[–] [email protected] 4 points 4 months ago (2 children)

best anti-virus I've ever used? my gut n' noggin.

been online for 30 years and have never once got a virus or trojan or anything and I pirate A LOT. My point being you're not going to find a super duper great anti-virus program and they're all gonna be annoying and provide false positives etc. Windows defender is going to ping you a lot cause you're using cracks to alter admin settings to get your pirated shit to work, that's the point.

Download from trusted sources and uploaders, do your research. if it feels off or looks iffy then bounce out. People who get virus' and trogans and shit honstly don't know what they're doing and in many cases it's all hogwash anyways to sell you anti-virus programs.

Like really, truly, think about it for a moment who in your entire life has recently gotten a computer virus? out of all the people I know in my life I can't even think of a single person that has.

[–] [email protected] 19 points 4 months ago (2 children)

How do you know you never had malware if you have no means to check for malware? It's not like it will announce itself.

[–] [email protected] 0 points 4 months ago

I don't see anywhere that was said.

[–] [email protected] 4 points 4 months ago

And test in a VM if you really want to be sure.

[–] [email protected] 3 points 4 months ago

I haven't used an Antivirus in years... That's one advantage of GNU OS's. I run cracks inside sandboxes which then run Wine and DXVK for compatibility.

[–] [email protected] 3 points 4 months ago

You're not going to find an antivirus that isn't intrusive because that is their entire duty. However, Kaspersky has a very high malware detection rate compared to other AV solutions

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

I sometimes think about disabling defender I think theres a site that can do it. Downside is it'll probably break windows but yeah it annoys me it's always wasting my battery plus yeah it throws fits over things like cracks

Last time I was mad enough to think about this it wasn't even a crack it was Autohotkey it didn't like.

[–] [email protected] 2 points 4 months ago

This is impossible, all antivirus will give false positive sometimes and they will be annoying since they need to be intrusive to "catch" some virus

[–] [email protected] 2 points 4 months ago

Think it's also important that it's not a resource hog. None are perfect but I recommend ESET.

[–] [email protected] 1 points 4 months ago

probably I will be punished for this comment but: Kaspersky
second best AV is Malwarebytes,
there is a subreddit for ranking them r/antivirus or something

[–] [email protected] 1 points 4 months ago* (last edited 4 months ago)

I use ESET and rate of false positives is very low for me (as long as you disable detect "potentially unwanted applications", it asks during installation).

[–] [email protected] -1 points 4 months ago (1 children)

Just don't use one. Just don't download anything dodgy and you're golden.

[–] [email protected] 9 points 4 months ago (1 children)

They just said they were downloading arbitrary binaries to execute

[–] [email protected] -1 points 4 months ago (1 children)
[–] [email protected] 5 points 4 months ago (1 children)

He's downloading cracks or cracked executables

The cracking groups aren't exactly signing their work with a verifiable public key

[–] [email protected] -1 points 4 months ago* (last edited 4 months ago)

Yeah but that should be okay as long as he's getting it from legitimate places (rarbg, official fitgirl site, cs.rin.ru, rutracker etc).

I've not had an AV for like 10+ years, had defender disabled with GPO as soon as I installed W10 and had no issues.

The best AV is your brain. Obviously if you download GTA_6 _(Brazil)_by_xP3tYa1337x.pdf.html with an embedded .hta directly from an IP address in Kamchatka and you have IE installed then yeah maybe you need to give things a manual scan pass with defender or malwarebytes (or just toss it in a VM) once in a while but otherwise you're golden.

Even most vulns today labeled 0day are either unexploitable or require the user to be a dumb motherfucker.

Trust me.