r1ch.net forums
* Home Help Search Login Register
r1ch.net  |  r1ch.net stuff  |  Other Projects  |  Topic: ForceBindIP.exe infected by a trojan
Pages: [1]
Print
Author Topic: ForceBindIP.exe infected by a trojan  (Read 26840 times)
Spark
Member

Posts: 3


« on: April 01, 2009, 12:41:27 pm »

Hello,

I have download ForceBindIP-1.2-Setup.exe and ForceBindIP-1.2.zip.

ForceBindIP.exe (5.5kb) in ForceBindIP-1.2-Setup.exe it's ok but

ForceBindIP.exe (9.67kb) in ForceBindIP-1.2.zip is infected by TR/Crypt.XPACK.Gen

 undecided
« Last Edit: April 02, 2009, 04:03:10 am by Spark » Logged
R1CH
Administrator
Member

Posts: 2625



« Reply #1 on: April 01, 2009, 02:16:29 pm »

Your anti virus is producing false positives. You may wish to switch to a better one.
Logged
Spark
Member

Posts: 3


« Reply #2 on: April 01, 2009, 03:17:48 pm »

He is detected by Bitdefender, Antivir and other antivirus.

Why 5.5kb and 9.67kb ?
« Last Edit: April 01, 2009, 03:39:59 pm by Spark » Logged
R1CH
Administrator
Member

Posts: 2625



« Reply #3 on: April 01, 2009, 04:53:12 pm »

That is the size of the files, the file size has no relation to whether they are infected.

Edit, sorry I misread your post. The .exe in the .zip is digitally signed for integrity - check the digital signature in the file properties to verify it hasn't been modified by a virus. The .exe in the setup installer .exe is not digitally signed since I haven't updated it. That is why the file sizes differ.
« Last Edit: April 01, 2009, 05:55:31 pm by R1CH » Logged
Spark
Member

Posts: 3


« Reply #4 on: April 02, 2009, 08:11:09 am »

You don't update archive ?
Logged
TJL
Guest
« Reply #5 on: July 22, 2009, 12:26:08 am »

I found this trojan also, however I found that I detected this trojan from the forcebindip.exe that was downloaded via softpedia and not the one provided by www.r1ch.net

If you google "force bind ip" the first results are a softpedia version that has a trojan packed into it.
However if you google "forcebindip" it takes us to www.r1ch.net

Logged
R1CH
Administrator
Member

Posts: 2625



« Reply #6 on: July 22, 2009, 12:59:15 am »

The SoftPedia links to my site for the download. There is no trojan, just a false positive.
Logged
Ferryt
Guest
« Reply #7 on: September 13, 2009, 09:01:14 pm »

I'm having no success in installing ForceBindIP because ESET keeps quarantining it regardless of how I get it on my computer.  In fact, it's quarantined this entire site, apparently.  Unfortunately, there's no way to create an exclusion in ESET because it re-quarantines a file within two seconds after releasing it from quarantine, not giving sufficient time to set up an exclusion.  I've complained to ESET twice about this issue.  This appears to be a problem with quite a few anti-virus programs for some reason (and I might point out that ESET's Node32 anti-virus program is one of the best).  Maybe you could bend a couple arms for those of us being subjected to this stupidity?

Logged
R1CH
Administrator
Member

Posts: 2625



« Reply #8 on: September 14, 2009, 04:11:11 am »

Interesting, ESET apparently created a Win32/ForceBindIP classification for my program! No idea why. Emailing them now to see if they can explain it.
Logged
R1CH
Administrator
Member

Posts: 2625



« Reply #9 on: September 17, 2009, 06:38:09 am »

I modified the loader a bit to workaround all the broken anti-virus products, new version 1.2a is available at http://www.r1ch.net/stuff/forcebindip/
Logged
david
Guest
« Reply #10 on: June 25, 2010, 09:11:39 pm »

that link just busted the boot on my computer to eternally restart with AC power.  something like that
Logged
david
Guest
« Reply #11 on: June 25, 2010, 09:16:06 pm »

or it could be because my HD uses .1 watts more than the previous one. good luck!
Logged
Pages: [1]
Print
r1ch.net  |  r1ch.net stuff  |  Other Projects  |  Topic: ForceBindIP.exe infected by a trojan
Jump to:  

Powered by SMF 1.1.19 | SMF © 2013, Simple Machines