Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #61  
Old 01-22-2015, 22:33
hypn0 hypn0 is offline
Friend
 
Join Date: Dec 2014
Posts: 19
Rept. Given: 18
Rept. Rcvd 13 Times in 6 Posts
Thanks Given: 0
Thanks Rcvd at 3 Times in 3 Posts
hypn0 Reputation: 13
Quote:
Originally Posted by Loki View Post
Just a hunch, but I think he might have guessed that bit :P
I'm understand, he groaned for my post. I'm guilty, really sorry.
Reply With Quote
The Following User Says Thank You to hypn0 For This Useful Post:
Indigo (07-19-2019)
  #62  
Old 01-24-2015, 22:33
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,358
Rept. Given: 954
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,553
Thanks Rcvd at 482 Times in 341 Posts
niculaita Reputation: 89
Quote:
Originally Posted by evlncrn8 View Post
what antivirus? and its documented in the nfo file about some antiviruses and false positvies.. simply add an exclusion until they get round to whitelisting..

"same as last year" .. there was more than one release in the past year m8

uploading a non crypted version isnt going to happen, its not my fault the av is a false positive on some av's and im not going to do multiple releases with stuff turned on / off, that makes maintainance a total pain

also, (this is highly ironic), if i remove the encryption (i've tested this, and indeed, this was one of the reasons crypto was added), some anti viruses see some signatures for detection and raise those as false positive.. so its a no win situation
then upload a crypted version made by other cryptor
Reply With Quote
The Following User Says Thank You to niculaita For This Useful Post:
Indigo (07-19-2019)
  #63  
Old 01-26-2015, 20:25
evlncrn8 evlncrn8 is offline
VIP
 
Join Date: Sep 2005
Posts: 179
Rept. Given: 36
Rept. Rcvd 54 Times in 24 Posts
Thanks Given: 50
Thanks Rcvd at 118 Times in 70 Posts
evlncrn8 Reputation: 54
which cryptor would you suggest?
Reply With Quote
The Following User Says Thank You to evlncrn8 For This Useful Post:
Indigo (07-19-2019)
  #64  
Old 01-26-2015, 20:27
evlncrn8 evlncrn8 is offline
VIP
 
Join Date: Sep 2005
Posts: 179
Rept. Given: 36
Rept. Rcvd 54 Times in 24 Posts
Thanks Given: 50
Thanks Rcvd at 118 Times in 70 Posts
evlncrn8 Reputation: 54
Quote:
Originally Posted by mcp View Post
Does anyone know what "WhiteLabel (SecuROM) protection Detected" means? What is this "Whitelabel" tag?
whitelabel means it was renamed and could be 'rebranded' (dss was one of the common names), whitelabel like on records etc

http://en.wikipedia.org/wiki/White-label_product
Reply With Quote
The Following User Gave Reputation+1 to evlncrn8 For This Useful Post:
mcp (01-26-2015)
The Following User Says Thank You to evlncrn8 For This Useful Post:
Indigo (07-19-2019)
  #65  
Old 01-27-2015, 01:00
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,358
Rept. Given: 954
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,553
Thanks Rcvd at 482 Times in 341 Posts
niculaita Reputation: 89
repack

Quote:
Originally Posted by evlncrn8 View Post
which cryptor would you suggest?
enigma or vmprotect are ok but private cause public licenceses are antivirus blacklisted
Reply With Quote
The Following User Says Thank You to niculaita For This Useful Post:
Indigo (07-19-2019)
  #66  
Old 10-31-2015, 22:42
Corsten Corsten is offline
Family
 
Join Date: Aug 2010
Location: world
Posts: 41
Rept. Given: 36
Rept. Rcvd 40 Times in 11 Posts
Thanks Given: 87
Thanks Rcvd at 85 Times in 26 Posts
Corsten Reputation: 40
ProtectionID v6.7.0
31-10-2015

Quote:
Some bugs fixed, some tweaks, some protection detections added, next changelog will be more detailed, as it will give me time to catch up on what i changed, and to add other things and involve the beta testers again but i wanted to get the release done for the traditional halloween release
Download:
Code:
http://pid.gamecopyworld.com/dl.php?f=ProtectionId.670.halloween.2015.rar

Last edited by Corsten; 10-31-2015 at 22:49.
Reply With Quote
The Following 5 Users Say Thank You to Corsten For This Useful Post:
alekine322 (12-17-2015), daqstar (12-16-2015), Indigo (07-19-2019), MarcElBichon (11-01-2015), uranus64 (11-01-2016)
  #67  
Old 10-31-2015, 23:38
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,358
Rept. Given: 954
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,553
Thanks Rcvd at 482 Times in 341 Posts
niculaita Reputation: 89
repack with else packer cause it is blocked as virused
Reply With Quote
The Following User Says Thank You to niculaita For This Useful Post:
Indigo (07-19-2019)
  #68  
Old 11-01-2015, 00:34
evlncrn8 evlncrn8 is offline
VIP
 
Join Date: Sep 2005
Posts: 179
Rept. Given: 36
Rept. Rcvd 54 Times in 24 Posts
Thanks Given: 50
Thanks Rcvd at 118 Times in 70 Posts
evlncrn8 Reputation: 54
no, i havent changed the crypt used on it in years, and im not planning to
and i mentioned the av is a false positive
so simple solution - add the folder to exclusions, or simply dont use it
simple as that, raising the same thing over and over is really boring

and if you see the virus total link i supplied on the home page, you'll see its 1 hit, from microsoft, which always falsely detect that, it will be whitelisted soon hopefully, but for now, the only way to get around it is add the exe to the exclusion list

also, its is NOT fucking virused... if it is, please show me the viral code oh wise one
Reply With Quote
The Following 3 Users Say Thank You to evlncrn8 For This Useful Post:
alephz (11-02-2015), Corsten (11-04-2015), Indigo (07-19-2019)
  #69  
Old 11-02-2015, 18:16
evlncrn8 evlncrn8 is offline
VIP
 
Join Date: Sep 2005
Posts: 179
Rept. Given: 36
Rept. Rcvd 54 Times in 24 Posts
Thanks Given: 50
Thanks Rcvd at 118 Times in 70 Posts
evlncrn8 Reputation: 54
new virustotal report -> https://www.virustotal.com/en/file/544cdc44c9cb8b9eb0043ccbd89309e88a380a1aacbcd3fb342297bd27626226/analysis/

so only a few hours after release it went to 19/55 'hits' (which i documented on the pid home page), 5 bad votes and 35 good ones, and then some attempt of a hack on the home page too, by someone looking for the source code (or anything related), looking for /jenkins folders etc... which is comical as the source isnt on the home site

now, as you can see, i hide nothing... the only av currently flagging pid as 'bad' is microsoft (windows defender etc), which is a false positive, and has happened for a long time, so adding the protectionid exe to the exclusion list is the only way to solve that

i've had no feedback of crashing or anything currently, so i hope that implies the release was a success
Reply With Quote
The Following User Says Thank You to evlncrn8 For This Useful Post:
Indigo (07-19-2019)
  #70  
Old 12-16-2015, 22:09
daqstar's Avatar
daqstar daqstar is offline
Family
 
Join Date: Jun 2006
Posts: 97
Rept. Given: 34
Rept. Rcvd 59 Times in 22 Posts
Thanks Given: 37
Thanks Rcvd at 31 Times in 17 Posts
daqstar Reputation: 59
Excellent Release but can't get Context Menu to function!


What a host of wonderful features you have injected into Protection ID,
but for some reason I can't get the
'Context Menu'
configuration to work.
(Configuration > Main Configuration > Context Menu)
Sure enough I can apply a tick to the relevant box,
but after 'Applying', Closing and Restarting,
the tick has gone,
and the 'Context Menu' item does not appear.
I have it set to 'run as admin',
so what am I doing wrong?

__________________
0z0n3
Reply With Quote
The Following User Says Thank You to daqstar For This Useful Post:
Indigo (07-19-2019)
  #71  
Old 12-19-2015, 00:46
evlncrn8 evlncrn8 is offline
VIP
 
Join Date: Sep 2005
Posts: 179
Rept. Given: 36
Rept. Rcvd 54 Times in 24 Posts
Thanks Given: 50
Thanks Rcvd at 118 Times in 70 Posts
evlncrn8 Reputation: 54
turn off the fucking colors for a start.. it looks dumb
i guess you did it for attention, it almost worked in the opposite way...

if the context menu doesnt work, then try running protectionid as administrator and doing it then.. it should work and stick.. im guessing you're on windows 10 or similar.. which doesnt let the context menu stuff happen unless admin access is given.. also the code hasnt changed for that part in many many years, so its not a 'new' bug..

1. run as admin
2. turn on context menu
3. exit
4. dont run as admin.. should all be fine then, and pid doesnt really benefit from having admin privs anyway
Reply With Quote
The Following 2 Users Say Thank You to evlncrn8 For This Useful Post:
giv (12-20-2015), Indigo (07-19-2019)
  #72  
Old 12-24-2015, 23:42
Corsten Corsten is offline
Family
 
Join Date: Aug 2010
Location: world
Posts: 41
Rept. Given: 36
Rept. Rcvd 40 Times in 11 Posts
Thanks Given: 87
Thanks Rcvd at 85 Times in 26 Posts
Corsten Reputation: 40
Protection ID v6.7.5

Protection ID v6.7.5
24-12-2015

Quote:
I fixed some bugs and tweaked more code making things a bit more stable, I plan to add in taggant v2 support soon,
but im having trouble obtaining sample files to work from (i dont use the taggant lib), so if anyone wants to help with
that please do so.

I plan to wind down this version and start on v7 as soon as possible, most will port over relatively easily and
the goal is to make an x64, x86, gui and console versions, with most of the code being in c/c++ for portability
(asm doesnt port too easily).. and will focus on it having a scanning core initially, and some pe
(perhaps elf etc too) tools built in

If you'd like to contribute to v7 please get in touch at the email above, same goes if anyone wants to donate anything
Download:
Code:
http://pid.gamecopyworld.com/dl.php?f=ProtectionId.675.December.2015.rar
Reply With Quote
The Following 8 Users Say Thank You to Corsten For This Useful Post:
alephz (12-26-2015), an0rma1 (12-25-2015), giv (12-26-2015), Indigo (07-19-2019), niculaita (12-25-2015), pnta (01-20-2016), sirius (04-03-2016), zeuscane (12-25-2015)
  #73  
Old 11-01-2016, 19:48
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,021 Times in 571 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Protection ID v6.8.0 ( Halloween 2016) Released.
31-10-2016

Quote:
"Change Log :

I fixed some bugs and tweaked more code making things a bit more stable, and added some new detections.
Some bugs (like the pestuff ones) still exist, as they didnt make it to the 'fixed' list but should hopefully be addressed for the christmas / holiday season release

I also didnt find any taggant v2 samples, so that didnt make it into the release either, other things did though so i hope this release brings some pleasure to previous users."
Download Here :

Code:
http://pid.serveexchange.com/dl.php?f=ProtectionId.680.halloween.2016.rar
Reply With Quote
The Following User Gave Reputation+1 to TechLord For This Useful Post:
mdj (11-02-2016)
The Following 10 Users Say Thank You to TechLord For This Useful Post:
deepzero (11-02-2016), Hypnz (11-01-2016), Indigo (07-19-2019), kienmanowar (11-02-2016), Kla$ (11-02-2016), Spiderz_Soft (11-02-2016), Tomy73 (11-01-2016), tonyweb (11-01-2016), TQN (11-04-2016), uranus64 (11-01-2016)
  #74  
Old 11-01-2016, 21:18
evlncrn8 evlncrn8 is offline
VIP
 
Join Date: Sep 2005
Posts: 179
Rept. Given: 36
Rept. Rcvd 54 Times in 24 Posts
Thanks Given: 50
Thanks Rcvd at 118 Times in 70 Posts
evlncrn8 Reputation: 54
wow, someone noticed
Reply With Quote
The Following 3 Users Gave Reputation+1 to evlncrn8 For This Useful Post:
Loki (11-02-2016), TechLord (11-02-2016), tonyweb (11-01-2016)
The Following 8 Users Say Thank You to evlncrn8 For This Useful Post:
deepzero (11-02-2016), Indigo (07-19-2019), Loki (11-02-2016), mdj (11-02-2016), TechLord (11-02-2016), tonyweb (11-01-2016), uranus64 (11-02-2016), wilson bibe (11-02-2016)
  #75  
Old 11-02-2016, 07:40
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,021 Times in 571 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Quote:
Originally Posted by evlncrn8 View Post
wow, someone noticed
I am sure that just like me, the entire reversing community would have been waiting for this release

Great job , I must say !
Reply With Quote
The Following 2 Users Say Thank You to TechLord For This Useful Post:
evlncrn8 (11-02-2016), Indigo (07-19-2019)
Reply

Tags
exeinfo, peid

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IDA 6.8 Released N0P General Discussion 18 08-11-2015 00:39


All times are GMT +8. The time now is 01:58.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )