87.gif

Search (advanced search)
Use this Search form before posting, asking or make a new thread.
Tips: Use Quotation mark to search words (eg. "How To Make Money Online")

01-21-2013, 04:35 AM
Post: #21
RE:
thanks mate....downloading hope it works fine
01-21-2013, 07:41 AM (This post was last modified: 01-21-2013 08:14 AM by joealex2012.)
Post: #22
RE:
(01-21-2013 03:47 AM)profitfromblog Wrote:  SHA256: 6b169de61d9c522ec702cd6eb8cbe4ff768a77783f305c45b74dc8b25db974b2
File name: SENuke XCR v3.0.54.0 Portable.rar
Detection ratio: 1 / 41
Analysis date: 2013-01-18 20:04:25 UTC ( 1 ngày, 21 giờ ago )

I found something at virustotal.com:
ESET-NOD32 a variant of MSIL/Packed.CryptoObfuscator.C

Thanks man for pointing that out... But let me give some info. that will be really useful for you from now on...
if you read the part that says variant of MSIL/Packed.cryptoobfuscator

this ain't a virus... it's just ESET thinks that as the file is a variant of MSIL or Microsoft Intermediate Language, or it's detected that the file is a .net and it's packed or crypted by cryptoObfuscator which is a way that the developer of SEnuke is using to protect the file from cracking by obfuscating the file source and make it unreadable during decompilation and dissassembly... this is first...


Second this is a check that may change because it's a a heuristic detection, you may scan again in two days and you get more detections or less detection or no detection do you know why? because the antiviruses companies knew that they only can detect the virus when it's known... but when it's unknown they wouldn't do anything about it... so they prepared their software to detect the packing software and warn the user about it as a virus... just because all virus creators use the same packing software like cryptoobfuscator just to try to make the virus Fully undetected or FUD... but it's not a virus... I assure you... and this is the same file that i downloaded from omega's link and i trust omega... Donno him in person but i do...

The Bottom Line... this is a false positive... and if you take the SEnuke.exe itself and scan it... it would tell you that the file was scanned before... supposed that they would know through the hash code...

and here some more proofs... if you take the SEnuke folder itself right from the download using just the original files and you would get the same crypto.obfuscator variant alert thing... because it's Areeb the developer who packed SEnuke not Us...


and btw... the same things would happen with other softwares if you are familiar with that for example...

if you scan scrapebox you would get a PEcompact variant... and if your antivirus doesn't detect it... you should change it...

if you want more examples believe me the list would go on and on.... no developer in the world would put a software out without a packer unless he's distributing the app for free or opensource... or he's a little naive or inexperienced, ... or he just doesn't want his software to get flagged as a virus so he makes it easier for cracking... and tells himself ... you know what I'm not better than Adobe or Microsoft...

Last but not least my final advice... always use VMware environment just in case...

Regards,
01-25-2013, 01:08 AM
Post: #23
RE:
thanks so much :)




21.gif