
IDM.X2-Patch.UnREaL.RCE infected?


Chris`


I was just wondering if anyone has had any problems after running the IDM patch by UnREaL? I'm only asking this because it registers 76.2% on virustotal.com

Virustotal.com Report

I know a lot of patches, cracks and keygens cause false positives because of the code and packers used to write them. Just wondering if this is the case here as well.

T.I.A. guys.


@Chris`:

The real question is: did you download it from nsane? If you did, you already know the answer ^_^


@Chris`:

The real question is: did you download it from nsane? If you did, you already know the answer ^_^

Yes, from the front page. The only reason I posted is because it states anything over 75% you can post a topic. I figure better safe than sorry.

I've never had any problems with nsane before and don't imagine any in the future, just thought I'd get some input from the great people here ;)


Always read what is detected. For example, here you can see: CAT-QuickHeal: HackTool.Patcher.A; Ikarus: not-a-virus.Patch.IDM; Microsoft: HackTool:Win32/Keygen. Kaspersky says it's clean. There are also LOTS of Generic/Heuristic/Behavioural detections.

This should tell you that only the way this application behaves when executed makes it suspect, and it's not really in the databases. When it's in the databases, it's listed as a hacktool or patch. Patches usually behave like droppers so they get picked up when they try to write some files or the registry.

I hope you understand now.

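The label-reading approach from the reply above, as an added example that is not part of the thread: it sorts each engine's verdict into tool-type, generic/heuristic, or named-family buckets. The regex patterns, the bucket names, and the EngineA/EngineB entries are assumptions made for illustration; vendors do not share one naming scheme.

```python
import re
from collections import defaultdict

# Label families the reply distinguishes. These patterns are assumptions
# made for this example, not a vendor-defined taxonomy.
TOOL = re.compile(
    r"hacktool|keygen|crack|patch(er)?\b|not-a-virus|riskware|\bpu[ap]\b", re.I)
GENERIC = re.compile(r"\bgen\b|generic|heur|behav|suspicious", re.I)

def classify(label):
    """Map one engine's verdict string to a bucket."""
    if not label:
        return "clean"
    if TOOL.search(label):
        return "tool"      # flagged for what it is: patch, keygen, hacktool
    if GENERIC.search(label):
        return "generic"   # heuristic/behavioural hit, no named signature
    return "specific"      # a named malware family

def triage(report):
    """Group engine names by bucket for a {engine: label-or-None} report."""
    buckets = defaultdict(list)
    for engine, label in sorted(report.items()):
        buckets[classify(label)].append(engine)
    return dict(buckets)

# Constructed sample. The first four verdicts are the ones quoted in the
# reply; EngineA/EngineB and their labels are made up to stand in for the
# "Generic/Heuristic/Behavioural" detections it mentions.
SAMPLE = {
    "CAT-QuickHeal": "HackTool.Patcher.A",
    "Ikarus": "not-a-virus.Patch.IDM",
    "Microsoft": "HackTool:Win32/Keygen",
    "Kaspersky": None,
    "EngineA": "Gen:Variant.Heur.12",
    "EngineB": "Suspicious.Behaviour",
}

if __name__ == "__main__":
    for bucket, engines in triage(SAMPLE).items():
        print(f"{bucket:9} {len(engines)}  {', '.join(engines)}")
```

A verdict that lands in the "specific" bucket names a malware family rather than a tool type, so it is the one to look up before drawing any conclusion from the overall percentage.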

Always read what is detected. For example, here you can see: CAT-QuickHeal: HackTool.Patcher.A; Ikarus: not-a-virus.Patch.IDM; Microsoft: HackTool:Win32/Keygen. Kaspersky says it's clean. There are also LOTS of Generic/Heuristic/Behavioural detections.

This should tell you that only the way this application behaves when executed makes it suspect, and it's not really in the databases. When it's in the databases, it's listed as a hacktool or patch. Patches usually behave like droppers so they get picked up when they try to write some files or the registry.

I hope you understand now.

Yes, thank you for your input :)


Archived

This topic is now archived and is closed to further replies.
