Hi, i'm new to this great forum.
I've checked the pda pack here http://anonym.to/?http://www.virustotal.com to check the presence of viruses.
I'm alerted about viruses in these files:
* IbaAnalyzer-5.18.0 error 217 hotfix.exe
* ibaAnalyzer_e217_eDataExtractor_hotfix.exe
* ibapda.v6.24.6-unleashed-features.exe
-------------
A suggestion: to avoid external sites to discover this forum i suggest to use this service:
http://anonym.to/
without that, it is easy for the external sites to discover from where arrive their visitors...
example:
i don't link this http://www.virustotal.com
but i link this:
http://anonym.to/?http://www.virustotal.com
in this way, the website "virustotal" can't discover that their visitors arrives from this forum
[?]: anonym.to or false virus detection
-
- Posts: 894
- Joined: Sun Apr 11, 2010 3:00 am
- Location: Russia
Re: [?]: anonym.to
These files are created with Diablo2002 Universal Patcher = packer.rpelle wrote:I'm alerted about viruses in these files:
* IbaAnalyzer-5.18.0 error 217 hotfix.exe
* ibaAnalyzer_e217_eDataExtractor_hotfix.exe
* ibapda.v6.24.6-unleashed-features.exe
Files made with this tool are detecting as malicious by some antiviruses.
Truth is that it is a file packer.
Features
* multiple file patcher
* programmable patch procedure
* offset patcher
* search and replace patcher
* text patcher
* registry patcher
* loader generator
* compare files (RawOffset and VirtualAddress) with different filesize
* attach files to patcher
* get filepaths from registry
* CRC32/MD5 and filesize checks
* patching packed files
* compress patcher with your favorite packer << this option are detecting as malicious by some antiviruses.
* save/load projects
* use custom skin in your patcher
* add music (Tracker Modules: xm,mod,it,s3m,mtm,umx,v2m,ahx,sid) to patcher
* multilanguage support
* and many more...
-
- Posts: 4
- Joined: Sun Jul 17, 2011 1:29 pm
virus in the patch
Is it possible to use a different patcher so we can test your patch without problems due to antivirus?
-
- Posts: 894
- Joined: Sun Apr 11, 2010 3:00 am
- Location: Russia
Re: [?]: anonym.to
I'm not planning to change patchtool at the moment. I'm satisfied with its functionality and do not see any malicious code inside of exe-files done with this tool. But if you can provide more evidences (rather than virus-checking with score 15/43) - I'll think about.
Patches provided "as is" and anyone use it for their own risk.
As an option you can run patches on virtual PC, patch dll in there and then bring patched dll on host OS.
P.S. At the first time the PDA Pack was delivered with .dll for manual replacement, later I've removed it in order to shrink archive size.
Patches provided "as is" and anyone use it for their own risk.
As an option you can run patches on virtual PC, patch dll in there and then bring patched dll on host OS.
P.S. At the first time the PDA Pack was delivered with .dll for manual replacement, later I've removed it in order to shrink archive size.
-
- Posts: 4
- Joined: Sun Jul 17, 2011 1:29 pm
Re: [?]: anonym.to or false virus detection
thank you for your reply, i've used the manual procedure (replace the DLL) for the pda and it is perfect, but it is not possible with the hotfix of ibaanalyzer.
can you tell me the file that hotfix ibaanalyzer target?
thank you very much
can you tell me the file that hotfix ibaanalyzer target?
thank you very much
-
- Posts: 894
- Joined: Sun Apr 11, 2010 3:00 am
- Location: Russia