View previous topic :: View next topic |
Author |
Message |
realpaleskin How do I cheat? Reputation: 0
Joined: 11 Dec 2014 Posts: 6
|
Posted: Thu Dec 11, 2014 1:48 am Post subject: autoshutdown everytime starting ce6.4 or visiting this site |
|
|
Everytime i tried to run ce6.4 or visiting this site, the cmd prompt windows appears and autorun an autoshutdown sequence
Very annoying, is this a prank or something ?
|
|
Back to top |
|
|
Geri Moderator Reputation: 111
Joined: 05 Feb 2010 Posts: 5636
|
Posted: Thu Dec 11, 2014 3:28 am Post subject: |
|
|
Probably some kind of anti-cheat is running in the background.
_________________
|
|
Back to top |
|
|
aikoncwd Grandmaster Cheater Reputation: 23
Joined: 21 Dec 2012 Posts: 591 Location: Spain (Barcelona)
|
Posted: Thu Dec 11, 2014 4:42 am Post subject: |
|
|
Geri wrote: | Probably some kind of anti-cheat is running in the background. |
Agree, if you want I can help you to ride with that. Execute Hijackthis and paste here the output log:
http://sourceforge.net/projects/hjt/
Press Do a system scan and save a logfile then paste here the TXT using code tag
_________________
Hey Hitler
Test here your skill with CheatEngine, I coded a challenge for you. Try to beat it!
HERE |
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
|
Posted: Thu Dec 11, 2014 10:17 am Post subject: |
|
|
If you're sure you have no online games running, check your computer for viruses and trojans.
Cheat Engine can be used to detect trojans not found by any anti virus out yet, so it's possible it's a protection of the virus. (You may have to reinstall windows and perhaps even buy a new mainboard if it has infected firmware)
If you did have an online game running, I recommend making a topic in the game's support site/forum , or other sites related about that game with the topic "Cheat Engine". With luck people visiting a topic with the title "Cheat Engine" will also get rebooted, and possibly causing a severe backlash at the developer of that game
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
++METHOS I post too much Reputation: 92
Joined: 29 Oct 2010 Posts: 4197
|
Posted: Thu Dec 11, 2014 10:44 am Post subject: |
|
|
If game developers are writing code like this, it's equivalent to malware or a virus and should be treated as such.
|
|
Back to top |
|
|
realpaleskin How do I cheat? Reputation: 0
Joined: 11 Dec 2014 Posts: 6
|
Posted: Thu Dec 11, 2014 3:03 pm Post subject: |
|
|
I checked all background tasks, and found nothing like anticheat process, also I did system scans using 360 total security + malbytes' anti malwares, both didn't find any viruses/spywares nor did their realtime protections give any warning whatsoever
there aren't any online games clients installed on my system, but there sare some games with online features such as starcraft2, divinity original sin, and several others
But I never play online, nor do I cheat on online gaming, I only use cheat for a single player campagin in every games I owned
Anyway I can't post the hijack log here, everytime I tried post the txt using code tags, a message appear "Sorry, but you can't post url's yet", and when I included the log file in the attachment, another error msg appears "The Extension log is not allowed"
So I paste the log in jpeg format, and attached it
Btw I never heard of a virus that could damage mobo's firmware, the only virus which I heard can damage hardware was CIH virus, but that is a long long time ago
Description: |
|
Filesize: |
1.22 MB |
Viewed: |
18612 Time(s) |
|
|
|
Back to top |
|
|
zm0d Master Cheater Reputation: 7
Joined: 06 Nov 2013 Posts: 423
|
Posted: Thu Dec 11, 2014 3:19 pm Post subject: |
|
|
Post the url with spaces instead if dots.
I would bet my ass you got some virus. Probably a rootkit.
|
|
Back to top |
|
|
aikoncwd Grandmaster Cheater Reputation: 23
Joined: 21 Dec 2012 Posts: 591 Location: Spain (Barcelona)
|
Posted: Thu Dec 11, 2014 5:34 pm Post subject: |
|
|
I don't see anything suspicious but you have a lot of useless process/services eating your resources.
Try to open any window with the text "cheat engine" on it (for example a notepad TXT with that name) and check if the window closes. Someting like ProcessMonitor can find your problem but maybe you will save time if you format (or try another windows user account) instead analyzing all the WinEvents...
_________________
Hey Hitler
Test here your skill with CheatEngine, I coded a challenge for you. Try to beat it!
HERE |
|
Back to top |
|
|
Geri Moderator Reputation: 111
Joined: 05 Feb 2010 Posts: 5636
|
Posted: Thu Dec 11, 2014 8:40 pm Post subject: |
|
|
Try msconfig or safe mode. If it will shut down even in safe mode, it's some serious shit. If it's working in diagnostic startup, you can figure out which trash is closing it by testing them one by one.
_________________
|
|
Back to top |
|
|
realpaleskin How do I cheat? Reputation: 0
Joined: 11 Dec 2014 Posts: 6
|
Posted: Thu Dec 11, 2014 11:01 pm Post subject: |
|
|
put spaces instead of dots, where ?
tried making a txt file,with cheat engine as filename and contains many "cheat engine" phrase in it, nothing happens
but I think I found the culprit :v
Description: |
|
Filesize: |
566.25 KB |
Viewed: |
18551 Time(s) |
|
|
|
Back to top |
|
|
zm0d Master Cheater Reputation: 7
Joined: 06 Nov 2013 Posts: 423
|
Posted: Fri Dec 12, 2014 3:53 am Post subject: |
|
|
realpaleskin wrote: | put spaces instead of dots, where ? |
Nvm, this was a tip for your problem not being able to post URLs. Then you edited your post and added the jpeg
So you should get rid of this isat ya.exe.
EDIT:
With some googling I was able to probably find the bad boy on a filesharing site. This one was release at 09.12.2014 and has actually a Virus Total scan. Nothing found in it. The icon of this .exe is an Intel symbol. Can you confirm this?
I'm at work an not able to use the VMs here to check this virus out in-deep. If someone is interested in this bad boy and want to reverse engineer it, let me know. Dont want to post this bad boys link here.
Also I checked out the assembly properties, where I was able to find probably the coders name "jex'o". There's a blog you can easy find by googling this name. Right now he's posting alot of cracking sofware, but probably only scam and to host his virus. He also posted some Cheat Engine tutorials to the NfS games, which ensures that he knows cheat engine. So he could be really the coder of that bad boy...
|
|
Back to top |
|
|
realpaleskin How do I cheat? Reputation: 0
Joined: 11 Dec 2014 Posts: 6
|
Posted: Fri Dec 12, 2014 6:12 am Post subject: |
|
|
zm0d wrote: | realpaleskin wrote: | put spaces instead of dots, where ? |
Nvm, this was a tip for your problem not being able to post URLs. Then you edited your post and added the jpeg
So you should get rid of this isat ya.exe.
EDIT:
With some googling I was able to probably find the bad boy on a filesharing site. This one was release at 09.12.2014 and has actually a Virus Total scan. Nothing found in it. The icon of this .exe is an Intel symbol. Can you confirm this?
I'm at work an not able to use the VMs here to check this virus out in-deep. If someone is interested in this bad boy and want to reverse engineer it, let me know. Dont want to post this bad boys link here.
Also I checked out the assembly properties, where I was able to find probably the coders name "jex'o". There's a blog you can easy find by googling this name. Right now he's posting alot of cracking sofware, but probably only scam and to host his virus. He also posted some Cheat Engine tutorials to the NfS games, which ensures that he knows cheat engine. So he could be really the coder of that bad boy... |
yes, I wonder why he did that, that isat ya.exe is meant for tunneling, since internet in my country is heavily censored, by the government and made very expensive, by stealing our already purchased internet quota, so only few could really benefit from the internet, it's the largest and longest white collar crime in Indonesia up until now (almost 20 years by now)
I'm pretty sure, he is the member of one of the facebook groups, which promotes internet freedom in our country, which I'm also a member :v
|
|
Back to top |
|
|
zm0d Master Cheater Reputation: 7
Joined: 06 Nov 2013 Posts: 423
|
Posted: Fri Dec 12, 2014 6:42 am Post subject: |
|
|
Ah, and there we got it
Aren't you able to use some VPNs?
Edit:
I modified the original file a bit, so you can use it and bypass your internet restriction. With this one you are able to visit the cheatengine sites
DL: http://uploaded.net/file/vchj5hlq Direct Download is activated, so you don't need to wait.
|
|
Back to top |
|
|
realpaleskin How do I cheat? Reputation: 0
Joined: 11 Dec 2014 Posts: 6
|
Posted: Sat Dec 13, 2014 7:40 am Post subject: |
|
|
zm0d wrote: | Ah, and there we got it
Aren't you able to use some VPNs?
Edit:
I modified the original file a bit, so you can use it and bypass your internet restriction. With this one you are able to visit the cheatengine sites
DL: Direct Download is activated, so you don't need to wait. |
thanks buddy, but u don't have to do that, I akready got another one
btw he released another bypass apps, and it also shutting down the system, wherenever it detects cheat engine running or cheat engine url in the browser
oh boy, he must got a lot of grudge against this site, did u guys banned him or bullied him in the past ? lol
Description: |
|
Filesize: |
385.51 KB |
Viewed: |
18285 Time(s) |
|
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
|
Posted: Sat Dec 13, 2014 7:51 am Post subject: |
|
|
Delete shutdown.exe from your system
Perhaps besides tunneling your connection he also filters usernames and passwords from your connection to his own system and doesn't want you to find out with ce
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
|