Tuesday, February 19, 2008

Virus Creator Packer / Compressor or False Positive?

Download the Original Packer / Compressor / Crypter and pack/compress some files to get the results. Scan with AVCheck (Test) Packed / Compressed / Protected output file for false positive AntiVirus results

001. RealArcade Wrapper (Microsoft Visual C++)
002. Borland Delphi (2.0 - 7.0) - Commercial
003. Microsoft Visual C++ ver. 5.0 ~ 6.0 (exe) - Commercial
004. Microsoft Visual C++ ver. 7.x (exe, dll) - Commercial
005. PEtite 2.x - Ian Luck - check for false positive
006. UPX exe 0.89.6 - 1.02 / 1.05 - 1.93B - Markus & Laszlo - Open source
007. UPX dll file - 1.93Beta - Markus & Laszlo - Open Source
008. Aspack v2.12 -> Alexey Solodovnikov - Commercial
009. EXECryptor v.2.3.1-6 www.strongbit.com - Commercial - check for false positive
010. Morphine ver.2.7b - Freeware - check possible false positive?
011. AC protect 2.0 by RIScO Software Inc. www.ultraprotect.com - Commercial
012. ASprotect 2.1 reg www.aspack.com/asprotect.htm - Commercial
013. AHTeam EP Protector ver.0.3 priv - Freeware - False Positive (Check AV Product if Detected)
014. WinUpack 0.39 final by Dwing http://dwing.51.net - Freeware - False Positive (Check AV Product if Detected)
015. Software Compress ver. 1.2 Lite - www.bgsopt.com - Commercial - check for false positive
016. PEcompact ver.2.78a - 2.80 - www.bitsum.com - Commercial (lite Version free for Students only, packed files distribution required commercial license)
017. nsPack ver.2.3 unreg - by North Star - www.nsdsn.com - Commercial
018. nsPack ver.3.0 - 4.1 reg - by North Star - www.nsdsn.com - Commercial
019. Mole Box 2.5.7 by Teggo. - www.molebox.com - Commercial - check for positive
020. Microsoft Visual C++ ver. 8 - Commercial
021. EXE Guarder 1.8 - 2.1 (2006/2008 unreg) www.exeicon.com/exeguarder - Commercial - check for false positive
022. EXE Wrapper ver. 2.3-2.5 (www.533soft.com/exewrapper) - check for false positive
023. Exe password protector 1.0.5.100 (protect/unprotect) - check for false positive
024. TASM / MASM
025. MS Visual Basic 5.0-6.0 dll - Commercial
026. MS Visual Basic 5.0-6.0 exe - Commercial
027. Armadillo 4.4x - 4.62 32bit - www.siliconrealms.com - Commercial *installs hidden Files / Driver / Regkeys Flag
028. Enigma protector v1.1x - www.enigma.izmuroma.ru © Sukhov Vladimir 2004-2006 - check for false positive
029. SVK-Protector v1.32 demo - Pavol Cerven - www.anticracking.sk - Commercial
030. ASprotect 1.x old version www.aspack.com/asprotect.htm - Commercial
031. AC protect 1.x by RIScO Software Inc. www.ultraprotect.com - Commercial
032. Packman v1.0 Brandon LaCombe http://packman.cjb.net - check for false positive
033. modified exe, EP code = Borland Delphi 2.0 - 7.0
034. ExeStealth V2.76 www.webtoolmaster.com - Commercial
035. FSG v2.0 F[ast] S[mall] G[ood] - www.xtreeme.prv.pl - Freeware (Check AV Product Quality if detected) - test false positive packed with FSG v1.x
036. Aspack v2.1x -> Alexey Solodovnikov - Commercial
037. Aspack v2.12b - Alexey Solodovnikov - Commercial
038. Program protector v2.1unreg - www.blumentals.net - Commercial - check for false positive
039. Obsidium v1.3 software protection system (demo) - www.obsidium.de - Commercial
040. ARMprotector v0.1 by SMOKE 2004 - check for false positive
041. ARMprotector v0.3 by SMOKE 2004 - check for false positive
042. SDProtector Profesional Edition v1.12 - www.sdprotector.com - Commercial - check for false positive
043. Themida 1.0 -1.3? - Adv.Win.Software Protection System (c) 2004-2005 Oreans Technologies - www.oreans.com - Commercial (installs hidden device driver, reg entries) - Flag
044. yodas Protector v1.03.3 - http://yodap.has.it 2004-2006 - Freeware - False Positive (Check AV Product if Detected)
045. yoda's Crypter v1.3 - Ashkbiz Danehkar 2004-2005 - Freeware - False Positive (Check AV Product if Detected)
046. PE-Pack v0.99 (c) 1998 by ANAKiN - check for false positive
047. WATCOM C/C++ 1988-1995
048. Microsoft CAB SFX module - Free
049. Microsoft Visual C++ vx.x - Commercial
050. UPX Markus & Laszlo ver. 2.00 - Open Source
051. PeSpin v1.304 public by CyberBob - http://pespin.w.interia.pl - check for false positive
052. UPX Markus & Laszlo ver. [ ] - EXE modified!!!
053. UPX with extra sections - Real EP resolver - check for false positive
054. PolyEnE v0.01+ Polymorphic Encryptor (c) 2001 Lennart Hedlund - check for false positive
055. Nullsoft PiMP Stub
056. eXpressor PE Packer v1.4.5.1 - www.cgsoftlabs.ro (exe, dll) - Commercial - check for false positive
057. Thinstall 2.4x - 2.5x Jitit Software - www.thinstall.com - Commercial - check for false positive
058. Thinstall 2.7x Jitit Software - www.thinstall.com - Commercial - check for false positive
059. Nullsoft scriptable install system 2.xx - Free
060. Inno Setup Module [SFX] - Borland Delphi Inno Setup Module - Free
061. Private EXE Protector 1.7 2003-2006 www.setisoft.com - Commercial
062. Excalibur v1.03r (c) Excalibur (c) DFCG, http://www.breezer.ful.cn - Freeware - False Positive (Check AV Product if Detected)
063. MSLRH v.032a - SISTEMA DE PROTECCION ANTICRACKEO - check for false positive
064. ShareGuard Loader V3.6 Zapper Software - www.zapperSoftware.com
065. Borland C++ 1999 - Commercial
066. Zip Sfx Archive
067. Rar Sfx Archive Trial - Commercial
068. 7-Zip Sfx Archive - Open Source
069. WinZip Sfx ver. 8.x www.winzip.com - Trial Test Version - Commercial
070. Zylom Game Installer zip Sfx (MS Visual C++ 7.0) - check for false positive
071. Borland C++ 2002/2005 - Copyright 200X Borland Corporation - Commercial
072. WinZip Sfx www.winzip.com - Commercial
073. Lock Express 2.0 Build 9.2 - 1997-2006 Sciensoft Research Inc - Commercial
074. FreeBASIC Compiler v0.14-0.17 (c) 2004-2006 Andre Victor T.Vicentini - console App.
075. InstallShield 2003 (MS Visual C++ 5/6.0) - Commercial
076. InstallAware Setup Squeezer InstallShield - www.installaware.com (7zip archive) - Commercial
077. Installer Nullsoft PiMP Stub (UPX pack) - Freeware
078. Nullsoft PiMP Stub installer - Freeware
079. ASprotect 1.1c old version (www.aspack.com/asprotect.htm) - Commercial
080. Microsoft Visual C# / Basic.NET - Commercial
081. Setup Dev INSTALLER – Version 1.3 © Shere Khan – November 2005 (MS Visual C++ 5/6.0) - Commercial
082. Dev-C++ Compiler v4.9.9.2 - Bloodshed Software (www.bloodshed.net)
083. EXE STICKER like DotFix FakeSigner - Freeware - False Positive (Check AV Product if Detected)
084. DotFix FakeSigner v3.4 (ASPR Stub) http://fakesigner.dotfix.net - Commercial - False Positive
085. PeLock v.1.x Bartosz Wójcik www.pelock.prv.pl - check for false positive
086. MS IExpress 2.0 - Win32 Cabinet Self-Extractor - Free
087. MS IExpress x.x - CAB installer - Free
088. InstallShield (R) Setup Launcher v.7.x CAB file (MS Visual C++ 5/6.0) - Commercial
089. PEcompact ver.1.41 - v1.84 - www.bitsum.com - Commercial
090. ORiEN ver.2.11~2.12 - (1994-2003 http://zalexf.narod.ru) - check for false positive
091. VMProtect v.1.2x (demo) 2003-2006 PolyTech - www.polytech.ural.ru - Commercial
092. FASM ver. 1.67 - Freeware - check for false positive
093. Private exe Protector v1.9x - www.setisoft.com - Commercial - check for false positive
094. Krypton The Krypter ver.0.3 by Yado - www.lockless.com - Freeware - check for false positive
095. MEW 11 SE 1.2 by Northfox (2004) - Northfox.uw.hu - Freeware (Check AV Product Quality if detected)
096. PEncrypt 4.0 Public Release / 4.0 Phi junkcode - www.junkcode.cjb.net - Freeware - check for false positive
097. SDProtector Pro Edition v.1.16 www.sdprotector.com - Commercial
098. PE Diminisher v.0.1 (1999) - www.phrozencrew.com/~teraphy - Freeware (Check AV Product Quality if detected) - check for false positive
099. !EP (EXE Pack) v1.0 g-l-u-k [TeaM - X] 2005 - www.softprot.cjb.net
100. [G!X]'s Protector v1.2 - http://breezer.ys168.com
101. Active PE Scrambler / APES / v. 1.0 (2005) [TeaM - X] - www.team-x.ru - check for false positive
102. (UPX) PowerArchiver 2006 [ZIP/ CAB/ ...] SFX v.9.63.x - www.powerarchiver.com
103. GameHouse.com installer (MS Visual C++) inside Wise Installer
104. Dev-C++ Compiler v4.9.9.2 (MINGW 32 v5.x.x) - Bloodshed Software (www.bloodshed.net )
105. Hide&Protect v1.0x 2005 - www.SoftWar-protect.com
106. WWPack32 ver 1.xx (1997,98) by P. Warezak and R.Wierzbicki - check for false positive
107. CHAOS Self Extractor 3.9 (1998-2006) ( WWPack-ed ) http://safeSofthome.com
108. Xtreme-Protector v.1.08 (c) 2003 www.oreans.com/xprotector/xprot.htm - Commercial - installs a hidden driver device and some locked Registry entries FLAG
109. LCC Win32 v1.x (Jacob Navia) http://www.cs.virginia.edu/~lcc-win32/ - check for false positive
110. LCC Win32 v1.x DLL (Jacob Navia) www.cs.virginia.edu/~lcc-win32 - check for false positive
111. Hmimys-Packer v1.0 - check for false positive
112. ExeFog v.1.1x - 2005 - www.bagie.xost.ru - Freeware - check for false positive
113. PolyCrypt PE v.2.1.x (2004-2005) - www.jlabsoftware.com (exe/dll) - check for false positive
114. SimplePack v1.0 - 1.2 (LZMA / APLIB - Packman compression library 1999-2005 Igor Pavlov) - check for false positive
115. SimplePack v1.11 - 1.2x
116. Unopix Version 1.10 Final 2006 Scrambler for PE files (exe/dll) - check for false positive
117. PPC PROTECT ver 1.1 (2006) Alexey Gorchakov www.ppc-protect.com
118. Inno Setup Uninstaller - Borland Delphi - Freeware
119. Armadillo v2.5x - v2.6x - www.siliconrealms.com - Commercial
120. DotFix NiceProtect v1.2 by GPcH Soft (2006) - www.niceprotect.com - Commercial
121. CreateInstall v4.x Gentee (2004 - 2006) - www.createinstall.com - Commercial
122. Gentee Programming Language © 2004-2006 www.gentee.com
123. RLPack v.1.11 BasicEdition (uses aPLib 0.42) http://ap0x.jezgra.net - Freeware / False Positive (Check AV Product Quality if detected)
124. ReversingLabsProtector 0.7.4beta http://ap0x.headcoders.net Freeware / False Positive (Check AV Product Quality if detected)
125. Install Creator Pro ver.2.0 (2003) - www.clickteam.com
126. PowerBasic /CC 3.0x/CC 4.0/Win 7.0x/Win 8.0x - www.powerbasic.com
127. WinUHA ver.2.0 Sfx Archive - www.winuha.com (UPX) - Freeware / False Positive (Check AV Product Quality if detected)
128. ZipGenius 6.0.x Sfx Archive - www.zipgenius.it (Borland Delphi)
129. PEbundle ver.3.20 ( 2003 ) Jeremy Collake - www.bitsum.com / Alloy Executable Compressor v.4.x- Copyright © 2000-2006 PGWARE - www.pgware.com - Commercial
130. Lazy Assembler Version 0.53 (26 Sep 2006) Freeware (c) 2000-2006 Stepan Polovnikov - Freeware / False Positive (Check AV Product Quality if detected)
131. nPack v1.1.300 (aPlib ) by NEOx (2006) www.uinc.ru - Commercial False Positive if detected
132. Installer - Setup Factory 6.0 - 7.0 Indigo Rose Corporation (2006) MS V C++ 6.0 - Commercial
133. dePack by deNULL - www.ooooQ.cn - check for false positive
134. Goat's PE Mutilator v.1.6 (2005) - www.geocities.com/killereaglesoftware - check for false positive
135. RLPack v.1.14-1.18 BasicEdition (uses aPLib 0.43 / LZMA 4.30) http://ap0x.jezgra.net - Freeware / False Positive (Check AV Product Quality if detected)
136. VBOWatch protector v2.0 Copyright [c] 2006 MoonLight - www.ooooQ.cn - check for false positive
137. Generic check : build like - Private exe Protector v2.0 - www.setisoft.com - Commercial
138. Easy Code v.1.0x (GUI for assembler) Ramon Sala - www.easycoder.org - check for false positive
139. Mole Box 2.6.1 by Teggo. - www.molebox.com - Commercial - check for false positive
140. SLVcOdeProtector v.1.12 by SLV - www.ooooQ.cn - Freeware / False Positive (Check AV Product Quality if detected)
141. Exewrap MFC Application v.1.0 (2003)
142. Microsoft Visual C++ 8 compiler (2006) - Commercial
143. RosAsm -V2.039c - http://betov.free.fr - check for false positive
144. Software Compress ver. 1.4 Lite - www.bgsopt.com - check for false positive
145. Intel (R) C++ Compiler - Commercial
146. FreePascal ver : FPC 1 - 2 Win32 -> (Berczi Gabor, Pierre Muller & Peter Vreman)
147. Open WATCOM C/C++32 Portions Copyright (c) Sybase 1988-2002 - check for false positive
148. File2Pack SFX v.2.0 2006 (F2P Self Extractor) www.mental9production.com MS VB5/6 - check for false positive
149. PV Logiciels dotNet Protector 4.0 2003-2005 http://dotnetprotector.pvlog.com - check for false positive
150. ReflexiveArcade Game wrapped file ( *.RWG )
151. DAStub Dragon Armor (BamBam0.0.4.1) from Orient 2006 www.ooooQ.cn - check for false positive
152. Akala EXE Lock ver.3.20 www.zero2000.com (Aspack v2.12 - Alexey Solodovnikov) - Commercial - check for false positive
153. BeRoEXEPacker - Version 1.00 - Copyright (C) 2006, Benjamin BeRo Rosseaux (Exe/DLL) - check for false positive
154. EXE Password Protector v.1.1 (MSV C++ v7) www.eltima.com/products/exe-password - check for false positive
155. AGInstaller 1.9.12 (UPX pack) Copyright (c) 2001-2006 Agentix Software - www.aginstaller.com
156. CreateInstall v2003.3.5 www.createinstall.com/www.gentee.com
157. Protection PLUS - Instant plus (software key) 2.0.98.0 (2005) - www.softwarekey.com Concept Software - Commercial
158. Wise Installation System! std/pro 9.02 (c) Wise Solutions Inc. - www.wise.com - Commercial
159. Wise Installation System! ver. ?.? (c) Wise Solutions Inc. - www.wise.com - Commercial
160. Wise Uninstaller Wizard (sec3) - www.wise.com - MS Visual C++ ver.6 - Commercial
161. m9P Editor Plus v.1.0.300 Distributable Executable Rich Text - DERT™ X ©mental9Production, 2005 - www.mental9Production.com - check for false positive
162. Nullsoft uninstaller - www.nullsoft.com - (UPX packed) - Freeware
163. Nullsoft uninstaller - www.nullsoft.com - Freeware
164. Softwrap (XTREAMLOK) ver. 1.x~3.x - www.softwrap.com (exe/dll)
165. RLPack v.1.14-16 Full Edition - False signatures unichecker - commercial - check for false positive
166. RLPack v.1.14-16 Full Edition (uses aPLib 0.43 / LZMA 4.3x) http://ap0x.jezgra.net - commercial - check for false positive
167. Salfeld Computer EXE Password 2004 v 7.114.0.0 trial - www.salfeld.com (Borland Delphi) - Commercial
168. Wise for Windows Installer pro 4.21 (CAB) - www.wise.com - Commercial
169. Tarma Installer ver. 2.99.2156 (2005) Tarma Software Research Pty Ltd. - www.tarma.com (MS Visual C++) - Commercial
170. NTkrnl Secure Suite v.01 packer or protector - www.ntkrnl.com (exe)- Commercial
171. NTkrnl Secure Suite v.01 packer or protector - www.ntkrnl.com (dll)- Commercial
172. [dUP2 - diablo2oo2] v.2.1x patchengine (patch) - Mircosoft MacroAssembler - http://diablo2oo2.cjb.net - Freeware (Check AV Product if detected)
173. [dUP2 - diablo2oo2] v.2.1x patchengine (loader installer) - Mircosoft - MacroAssembler - http://diablo2oo2.cjb.net - Freeware (Check AV Product if detected)
174. PE password encryptor 31-01-2000 by SMT (asm) - check for false positive
175. WinUDA 0.271 sfx (2004) by Dwing http://dwing.51.net - Freeware (Check AV Product if detected)
176. kkrunchy 0.1x >> radical exe packer - www.farbrausch.de/~fg/kkrunchy - Freeware check for false positive
177. kkrunchy 0.23 alpha 2 >> radical exe packer (c) f. giesen 2003-2005 - www.farbrausch.de/~fg/kkrunchy - Freeware - check for false positive
178. CyberInstaller Suite 2006 1.1 - SilverCyberTech 2003-2007
179. Eurora3D - free installator - www.extramedia.co.yu/eurora3d (ASM)
180. Microsoft Visual C++ ver. 7.1 [DEBUG] exe - Commercial
181. Fucking Fake File 1.0 by wspomagacz 2005.11 (EXE Binder exe, jpg hidden inside)
182. Anskya Polymorphic Packer V 1.3 Code By Anskya - check for false positive
183. Self-Extracting Archive Utility (SEAU) ver. 15.0 2006 (Aspack v2.12 - Alexey Solodovnikov) - http://gammadyne.com - Commercial
184. PE-Pack v 1.0 (c) 1998 by ANAKiN - check for false positive
185. PKLITE32(tm) - Version 1.1 02-15-1999 (exe) - check for false positive
186. PKLITE32(tm) - Version 1.1 02-15-1999 (DLL) - check for false positive
187. EncryptPE V2.2006.10.25 China Cracking Group - www.encryptpe.com - Freeware - check for false Positive
188. CC386 Version 3.28.1.6 Copyright (C) (GPL) LADSoft 1994-2006 - check for false positive
189. PC Guard for Win32 V5.01 - www.sofpro.com - Commercial
190. JDPack ver 1.01 (2005) - www.tlzj18.com - check for false positive
191. Netopsystems AG INSTALLER FEAD(R) SFX (MS C++) - www.netopsystems.com
192. Borland C++ 1995~1998 - www.borland.com - Commercial
193. eXpressor PE Packer v1.5.0.1 - www.cgsoftlabs.ro - Commercial - check for false positive
194. Excelsior Installer v1.0 2003-2007 (MS Visual C++ 6.0) - www.excelsior-usa.com - Commercial
195. tElock v0.98 Freeware PE-Compressor/Encryptor (c) 2000-2001 by tE! - Freeware / False Positive (Check AV Product Quality if detected)
196. UPX Lock v1.02 (2007.02) - www.team-x.ru - Freeware / False Positive (Check AV Product Quality if detected)
197. softSENTRY 3.00 1999 - 20/20 Software Inc. www.twenty.com (site closed) - check for false positive
198. DxPack ver 0.86 (2001.06) - check for false positive
199. Neolite 2.0 -> Neoworx Inc. (1999.03.20) - www.neoworx.com (site closed) - Commercial - check for false positive
200. ZipWorx SecureEXE v3.0 (2004-2007) www.zipworx.com (Neolite packed) - Commercial
201. PE-DIY Tools V1.10 2004 by A.Young (PoJieYong) - www.w-yong.com - Freeware (Check AV PRoduct if Detected)
202. aUS v0.5 beta (upx scrambler 2005.08) - http://ap0x.headcoders.net - Freeware (Check AV Product Quality if Detected)
203. EXE protector 2.01a Eyhab Hillail (1998-2003)- http://oxygen72.tripod.com - Commercial - check for false positive
204. 32Lite 0.03a - Oleg Prokhorov - check for false positive
205. aPackage SFX v.1.14 2001-2002 Joergen Ibsen [32Lite v0.03a packed]
206. NTPacker V2.1 by ErazerZ (2005.12) ErazerZ@gmail.com (zPlib / XOR / aPlib+xor)
207. WinHKI v1.77 SFX 2000-2007 by Hanspeter Imp www.winhki.com (packed PEcompact ver.2.7x) - Commercial
208. nBinder 5.1.0 (24.03.2007 MSV C++ 8.0) NKProds Software - www.nkprods.com
209. Securom 7.1 - Sony DADC - www.securom.com - Commercial
210. Cexe Executable Compressor v1.0b Copyright 1999, Tinyware, Inc. - www.tinyware.com by Scott Ludwig - Commercial
211. ASprotect 2.3 SKE (www.aspack.com/asprotect.htm ) - Commercial
212. Easypano Virtual Tour player (MSV C++) - www.easypano.com - Commercial
213. PeX v0.99 bart/CrackPl (2000) (APLib 0.26 by J.Ibsen) - longdiy.myrice.com - check for false positive
214. YZPack v.2.0b.aplib (c) UsAr (2007.03) - check for false positive
215. YZPack v.1.1 LZMA (c) UsAr (2006.08) - check for false positive
216. YZPack v.1.2 aplib/LZMA (c) UsAr (2007.03) - check for false positive
217. ExeStealth V2.72 (Share.ver)- www.webtoolmaster.com - Commercial
218. ExeStealth Vx.x (share.ver) - www.webtoolmaster.com - Commercial
219. ExeStealth V2.x (Regg.ver) - www.webtoolmaster.com - Commercial
220. nsPack ver.1.x - x.x by North Star - www.nsdsn.com - Commercial
221. Microsoft Visual C++ 6 DLL - Commercial
222. exe32pack 1.42 Copyright 1999-2004 www.SteelBytes.com - Commercial
223. Protect Exe 0.4 Beta (PROEX) 2002 - www.dpaehl.de.cx (UPX packed) - Freeware / False Positive (Check AV Product Quality if detected)
224. SexyPacker v.1.0.1.0 c 2001 - www.smalleranimals.com (SFX) MSV C++ 5.0 - Freeware / False Positive (Check AV Product Quality if detected)
225. ID Executable Password 1.2 (c) 2005 Fastlink2 Build: 08/08/2005 - www.idsecuritysuite.com - Commercial
226. ID Application Protector v.1.2 Unreg (c) 2005 Fastlink2 - www.idsecuritysuite.com - Commercial
227. Pelles C for Windows v2.xx - 4.50 ExE (1999-2006) - www.smorgasbordet.com/pellesc - check for false positive
228. Wise for Windows Installer pro ?.?? (CAB in section 4) MS C++ - www.wise.com - Commercial
229. WinUtilities 5.2 EXE Protector 1.0 (2002-2007) YL Computing Inc. - www.ylcomputing.com - check for false positive
230. VMProtect v.1.25 - 1.x (demo) 2003-2006 PolyTech - www.polytech.ural.ru - Commercial - check for false positive
231. REALbasic 2007 R2 Standard Edition (1997-2007 REAL Software) - www.realbasic.com
232. UPX 3.0 - Markus & Laszlo ver. [ 3.00 ] <- info from file. (sign for DEV C++ compiler)233. Microsoft Visual C++ ver. 7.1 EXE/DLL (3 bytes sign - easy to false)234. Beria v0.07 public WIP (2005) - symbiont (aPlib) - check for false positive235. NoodleCrypt version 2 by NoodleSpa (2000.08) - check for false positive236. VPacker v0.02.10 by tt.t - check for false positive237. Private exe Protector v.2.00-2.15 (18.04.2007) www.setisoft.com - Commercial - check for false Positive238. Free Pascal Compiler v.2.1.4 i386 GUI APP (11.05.2007) Berczi Gabor - www.freepascal.org239. Free Pascal Compiler v.2.1.4 i386 CON APP (11.05.2007) Berczi Gabor - www.freepascal.org240. Free Pascal Compiler v.2.1.4 i386 DLL APP (11.05.2007) Berczi Gabor - www.freepascal.org241. InstallShield v.12 (MSV C++ ) www.installshield.com / www.macrovision.com - Commercial242. InstallShield v.12-14 2008 (MS Visual C++) www.installshield.com / www.macrovision.com - Commercial243. FASM (1.3x -1.67) 2004-2007 http://flatassembler.net - Tomasz Grysztar - Freeware (Check AV Product Quality if detected)244. Thinstall VS 3.0.x - Jitit Software - www.thinstall.com - Commercial - check for false positive 245. Astrum InstallWizard v2.24.20 (1999-2006) - www.thraexsoftware.com (MS Visual C++) - Commercial246. WinZip SelfExtractor 3.0 (MSV C++ v7) 1996-2006 WinZip Int. LCC - www.winzip.com - Commercial247. Wise Instalation Express v7.0 2006 (SFX CAB) MSV C++ - wise.com / ALTIRIS - Commercial248. VisageSoft Installer ? WISE for Win/.msi ( MSCF CAB ) Borland C++ - www.visagesoft.com - Commercial249. ST Protector v1.5 SE (2006) - Silent Software 250. (exe) Visual Protect v2.5.7 2000.12 www.visagesoft.com - Commercial251. (dll) Visual Protect v2.5.7 2000.12 www.visagesoft.com - Commercial252. eXpressor PE Packer v1.5.0.1 (MODE: Protection) - www.cgsoftlabs.ro - Commercial253. The Enigma Protector 1.31 unreg (2007.06.15) - Vladimir Sukhov - www.enigmaprotector.com (exe/dll) - Commercial254. generic check: (exe) Visual Protect (2000?) www.visagesoft.com - Commercial255. RCryptor 1.6d by Vaska (2007.01) - check for false positive256. Polymorph Crypter,Beta Morphnah (c) puccxak.com (2007.05)257. Pohernah v1.0.3 puccxak.com (2007.03) - check for false positive258. QIP[Crypt] (2007.06) Borland Delphi Crypter - check for false positive259. SimbiOZ (RUS) ! Rootkit exe hider ! - Virus260. AsdPack2 (EP overflow exe - Delphi or C++ detector) - check for false positive261. QSetup Instalation Suite 8.5.0.4 - 26.05.2007 - www.pantaray.com - Commercial262. Perplex PE-protector v1.01devel 2002-2003 by [tc] GiveMe5/BliZZaRD - check for false positive263. Mole Box 2.6.4 by Teggo. - www.molebox.com - check for false positive264. !EP (exe pack) v1.4 (lite) final - Team-X (2007.04) www.team-x.ru, http://exetools.blog.com.cn - Freeware / False Positive (Check AV Product Quality if detected)265. DalKrypt 1.0 by DalKiT - www.dalkit.fr.st (26.10.2003) Anti-SI, Anti-Debug, Anti-Dump - check for false positive266. NackedPacker v1.0 by BigBoote (2004.01-2007.06?)- www.PEArmor.com - check for false positive267. WATCOM C/C++32 Run-Time system (c) Sybase Inc, 1988-2000268. MS Visual C++ v.5 DLL Method 1 (MS VBasic kit library) ACM*269. Open Source Code Crypter 1.0 by p0ke (9.06.2007) - www.swerat.com - http://unnamed.bot.nu (Borland Delphi) - Freeware / False Positive (Check AV Product Quality if detected)270. Private Personal Packer (PPP) Version 1.0.2 (13.03.2007) - www.ConquestOfTroy.com ACM*271. Wise for Windows Installer v.x.xx (CAB in section 4) MS C++ 7.0 - Commercial272. Inteli check: unknown Installer - MSCF Cab file273. Armadillo x.x ~ 5.0 32bit - Commercial - Flag adds hidden Registry Keys
274. Armadillo x.x ~ 5.0 32bit [Dll-std protection] - Commercial - Flag adds hidden Registry Keys
275. MASM assembler - check for false positive
276. unknown ver. WATCOM C/C++32 (c) Sybase 1988-200?
277. Dev - (MINGW 32 v x.x.x) - Bloodshed Software (www.bloodshed.net) - check for false positive
278. Borland Delphi 2006 - www.borland.com - Commercial
279. Borland C++ - (DLL) Copyright 1994/96, 1999 Borland Intl. - Commercial
280. CRYPToCRACk's PE Protector 0.9.3 (2007.01) Lukas Fleischer - cryptocrack.de - Freeware / False Positive (Check AV Product Quality if detected)
281. Break-Into-Pattern, a.k.a BIP, v0.1 (2006.01) - http://n0name.exmuros.net http://undergroundkonnekt.net - Freeware / False Positive (Check AV Product Quality if detected)
282. DotFix NiceProtect 2.5 (with internal packer) GPcH Soft - www.niceprotect.com - Commercial - check for false positive
283. DotFix NiceProtect 2.5 (Krypton sign) GPcH Soft - www.niceprotect.com - Commercial - check for false positive
284. DotFix NiceProtect 2.5 (SVKP 1.3x sign) GPcH Soft - www.niceprotect.com - Commercial - check for false positive
285. DotFix NiceProtect 2.5 (Visual C++ sign) GPcH Soft - www.niceprotect.com - Commercial - check for false positive
286. Borland Delphi (Component) xxxx - www.borland.com - Commercial
287. Microsoft Visual C++ ver. x.x DLL - Commercial
288. Microsoft Visual C++ ver. 8.0 DLL ACM*
289. Microsoft Visual C++ ver. 7.xx DLL - Commercial
290. Private exe Protector v.2.25 (28.06.2007) www.setisoft.com - Commercial
291. Microsoft Visual C++ ver. 9.0 exe - Commercial
292. Microsoft Visual C++ ver. 9.0 DL - Commercial
293. PEiD Plugin -> Exe Converter v.1.00 (BobSoft) - Freeware - check for false Positive
294. MarjinZ EXE-Scrambler SE (MS Visual C++ 8.0) Freeware - check for false positive
295. Microsoft Visual C++ v7.10/8.0/9.0 DLL - Commercial
296. Borland VCL Component for .NET (Borland Developer Studio 4 (c) 2006 v.10.0.2)
297. PDF2EXE v1.0 CoolPDF Software - www.pdf2exe.com (2006.10) - Commercial
298. RealBasic v.x.x ExE - www.realbasic.com
299. RealBasic v.x.x DLL - www.realbasic.com
300. Aspack vx.x - Alexey Solodovnikov - Commercial
301. FreePascal ver: FPC 1.x.x - Freeware / False Positive (Check AV Product Quality if detected)
302. UPX - (exe) Markus & Laszlo ver. 0.72 OBSOLETE VER. (12.05.1999) ACM*
303. UPX - (dll) Markus & Laszlo ver. 0.72 OBSOLETE VER. (12.05.1999) ACM*
304. ScanTime UnDetectable by MarjinZ (STUD RC4 1.0) Marjinz-Crypter.exe - check for false positive
305. Free Pascal Compiler version 2.0.4 [2006/08/21] for i386 ACM* - check for false positive
306. Active Basic v4.24.00 © 2006.04.08 Discoversoft - www.activebasic.com (Japan) *ACM - check for false positive
307. Aspack v2.0 - Alexey Solodovnikov - www.aspack.com - Commercial
308. Play Basic v.1.0x - 1.63 (2D game creator) www.playbasic.com - check for false positive
309. (exe) UPX obsolete ver. 0.50 - 0.72 - Markus & Laszlo
310. ANDpakk2 v0.06 (Jul 18 2006) Dmitry "AND" Andreev - http://and.intercon.ru - check for false positive
311. ANDpakk2 v0.18 (Jul 16 2007) 2006, 2007 Dmitry "AND" Andreev - http://and.intercon.ru - check for false positive
312. PEiD-Bundle v1.03 by BoB (2007.03.30) - www.secretashell.com/BobSoft - Freeware / False Positive (Check AV Product Quality if detected)
313. Exe Stealth Packer or Protector v.3.16 - www.webtoolmaster.com (NTkrnl) - Commercial
314. 20to4 v2004.04.18 Copyright 2001-2004 20to4.net - check for false positive
315. Borland C++ 1995 DLL *ACM
316. nBinder LIMITED v4.0 2006 - www.nkprod.ro (MSV C++ 8.0)
317. mkfpack llydd (aPlib) 28.05.2007 - check for false positive
318. KByS 0.28 beta EXE (shoooo) china 2006.05.23 *ACM - check for false positive
319. KByS 0.28 beta DLL (shoooo) china 2006.05.23 *ACM - check for false positive
320. Microsoft Visual C++ ver. 8.0 DEBUG / Visual Studio 2005 (FF) *ACM
321. mPack - mario PACKer version 0.0.2 (c) DeltaAziz - check for false positive
322. WinUDA 0.291 clasic sfx 2005 by Dwing http://dwing.51.net - Freeware - false positive if detected
323. Cryptic v2.1 - EXE Crypter Copyright [c] 2007.09.26 Tughack (MS Visual Basic exe stub)
324. aSm Protector v1.0 Copyright [c] 2007.09.29 AT4RE - check for false positive if detected
325. AverCryptor v.1.02beta by Sec|Null os1r1s (2007.08.23) - www.secnull.org - check for false positive if detected
326. Muckis Protector 2 coded 2007 by Mucki *ACM - check for false positive if detected
327. Rewolf DLL packager v1.0 V.2007 http://rewolf.prv.pl - check for false positive if detected
328. x86 Virtualizer ReWolf ( VIII.2007 ) - http://rewolf.pl - check for false positive if detected
329. BeRo Tiny Pascal Compiler http://bero.0ok.de - check for false positive if detected
330. CDS SS V1.0 beta1 (c) CyberDoom [Team-X member] (2005.12.18) *ACM
331. [dUP2 -> diablo2oo2] v.2.16 patchengine (loader installer) - Microsoft MacroAssembler - http://diablo2oo2.cjb.net - Freeware (Check AV Product if Detected)
332. Borland C++ 2002 & 2005 DLL - www.borland.com - Commercial
333. WinUpack 0.37-0.39 by Dwing - http://dwing.51.net (BE&60 sign) - Freeware False Positive (Check AV Product if Detected)
334. Flash2X EXE Packager ver.2.1.0 2007 - http://flash2x.net/exepackager (Borland Delphi)
335. D1S1G PEiD Plugin by D1N (10-24-2007) false positive
336. WinUtilities EXE Protect 2.1 - www.ylcomputing.com (MS C++ 6.0)
337. Hacker's Patcher version 0.07 Veacheslav Patkov ( 2007.09.21 ) - http://patkov-site.narod.ru/eng.html - check for false Positive (AV Product Quality if detected)
338. Enigma Protector 1.35 (2007.10.12)- www.enigmaprotector.com, Vladimir Sukhov - check for false Positive if detected
339. FSG v1.33 F[ast] S[mall] G[ood] - www.xtreeme.prv.pl *ACM - Freeware / False Positive (Check AV Product Quality if detected)
340. FishPE Shield v.1.1x Crypt by HellFish (http://hellfish.ys168.com) - sign NOT TESTED - Trojan / rootkit / hidden sys file / driver see Armadillo / Themida / Oreans.sys
341. Microsoft Visual C++ v4.2 DLL *ACM
342. 32lite DLL [32Lite v0.03a] - check for false Positive
343. FishPE Shield v.2.0.x Crypt by HellFish (http://hellfish.ys168.com) - Freeware / possible trojan / rootkit see Oreans.sys Thermida
344. SmartE protection -> Microsoft (trial/CD check/...)
345. Microsoft Visual Basic v6.0 DLL - commercial
346. Dev-C++ Compiler v4 old - Bloodshed Software (www.bloodshed.net)
347. Dev-C++ DLL ( MINGW 32 v x.x.x )- Bloodshed Software (www.bloodshed.net)
348. PhrozenCrew PE Shrinker (c)1999 by Virogen version 0.71 beta 06/27/99 - Freeware - False Positive
349. DarkCrypt v1.2 priv by DMX (2007.12.25) - Freeware - Check for false positive
350. yoda's Crypter 1.2 http://yodap.has.it (2001.01.14) *ACM - Freeware / False Positive (Check AV Product Quality if detected)
351. yoda's Crypter 1.1 http://yodap.has.it (2000.12.29) *ACM - Freeware / False Positive (Check AV Product Quality if detected)
352. XPack : freeware packer (c)2007 JoKo, Version 0.98 02/18/2007 - www.soft-lab.de/joko/ExePack.htm - AV False positive - Check Quality of AV Product
353. XComp : freeware packer (c)2007 JoKo, Version 0.98 02/18/2007 - www.soft-lab.de/joko/ExePack.htm - AV False positive - Check Quality of AV Product
354. Microsoft Visual C++ ver. 8.0 DLL - Commercial
355. VMProtect v.1.6x (demo) 2003-2008 PolyTech - www.vmprotect.ru - Commercial
356. SIS-Crypt (2005.10.29) - Freeware - Check for false positive
357. Microsoft Visual C++ ver. 3.x (3-4)
358. ExeSax v.0.9.1 EXE encryptor 2006.09.18 - Freeware - Check for false positive
359. Luck007 2.7 GUI (exe) by Luckliuliu@yahoo.com (2007.06.07) only for known friends [non englisch lang] , AV firms hunting innocent to condemn it as Virus
360. WinKrypt v1.0 Copyright © 1999 MrCrimson/WkT!99 *ACM - Check for false positive
361. Xasm v0.02,I32- Compilation compiler,Support macro, api, etc... - check for false positive
362. MiniDcc32 simplified DCC32 Compiler.,do DLL, Console, Services - positive ?
363. ProjectQ QQ Communication Control, open source, Updated ?
364. FishPe Shield 2.02 - Freeware - *possible rootkit or trojan / hidden sys file inject systeme same as by Oreans.sys driver and it's locked reg entries see Armadillo / Themida / Oreans.sys
365. FishNetWar Game Versus,VPN Platform,VLAN 07/11/23 ?
366. FISHIOCP YuAiguo,2007/08/01 - Freeware - Check for false positive
367. FishPe Shield 1.17 - Freeware - *possible rootkit trojan / hidden sys file inject by execution see: driver Armadillo / Themida / Oreans.sys
368. sgfree IOCP Based on IOCP SocketControls, open source - Update -?
369. sgfree RunRe Direct operations in the resource file of the executable file -?
370. sgfree RXSTAR Yulgang Version 1.30, increase revenue with the analysis of ASMCall-Plug info -?
371. Aspack Scrambler 0.1 - Freeware - AV False positive
372. Aspack Scrambler 0.2 - Freeware - AV False positive
373. AntiAV Cryptor 1.0 Copyright ( c ) aNTi 2007 - AV False positive
374. Bambam v0.04 - false positive or real Trojan ?
375. 上兴应用程序加密 1.1 正式版 - Application encryption v1.1 - Freeware - false positive
376. Perplex protector v1.01 - Freeware - false positive
377. nPack v1.1.500.2008 beta Copyright [c] 2008 NE0x Build 02/12/2008 Full Version www.uinc.ru - false positive
378. Phoenix Protector 1.2 - Freeware - false positive
379. Protector Cryptic 2.0 - Freeware - false positive
380. FSG 2.0 plus - Freeware - false positive
381. GIE Protector 0.2 - check for false positive
382. xxpack 0.1 - check for false positive
384. DarkCrypt 1.2 Private - check for false positive
385. PolyCrypt PE v2.1 - check for false positive
386. TrickySigner 1.0 by MCTeam - Freeware - trojan hacktool - check exe [ Morphine ? ] - [ ARTeam PseudoSigner.0.2 rip with a lite renewed database ? ] - not a packer
387. ZealPack / CryptX 1.0 by China Zeal Group - Freeware - false positive
388. CDS SS 1.0 beta 1 - Freeware - false positive
389. ASDPack 2 - Freeware - false positive
390. mPack 0.03 se - check for false positive
391. SimplePack v1.21 - Freeware - check for false positive
392. EPack v1.4 Team-X - Freeware - check for false positive
393. DalKrypt v1.0 by PEArmor - check for false positive
394. SoftDefender 1.12 - Freeware - check for false positive
395. Pohernah 1.0.3- Freeware - check for false positive
396. eXcalibur 1.03- Freeware - check for false positive
397. Anti OllyDBG by ap0x - Freeware - false positive
398. Active PE Scrambler 1.0- Freeware - false positive
399. Anti Kaspersky 1.1- Freeware - false positive
400. ID Application Protector 1.2 version by pavka - check single files separate for false positive
401. STeam App Protector- Freeware - false positive
402. UProtector 2.1- Freeware - false positive
403. String Reference Protector - Freeware - false positive
404. PseudoSigner 0.2 ARTeam (edit Signs in Database file by self, replace all) - Freeware - false positive subfolder \plugins exclude - not a packer
405. averCryptor 1.02 beta- Freeware - check for false positive
406. Sixxpack 2.2 .NET EXE Compressor - Freeware - check for false positive
407. Dxpack 0.86 - Freeware - check for false positive
408. Private Krypt BETA - Freeware - check for false positive
409. Goat's PE Mutilator v1.6 - Freeware - check for false positive
410. RCryptor v1.6d - Freeware - check for false positive
411. Zprotect 1.3 OEM www.zprotect.cn [ No unpacker for viewing code / enigma 1.3x ? ] - Commercial - false positive
412. FakeNinja v2.8x Private version - Copyright [c] 2007-8 Spirit - check for false positive
413. priv8 mEw Crypter - check for false positive
414. Cryptic 2.1 M0D - check for false positive
415. xHacker Crypter
416. h4ck-y0u_Crypt[new] - check for positive
417. Underground Crypter 80% UD - check for positive
418. eXPressor 1.5.0.1 [liCENTA] - check for false positive
419. Hell Crypter v2 VIP Edition - check for false positive
420. PI Cryptor v3 - check for false positive
421. ExE SaX v0.91 - check for false positive
422. L3vEL-69 Crypter FUD, FUD Crypter - check for positive
423. TheDefaced Predator v1.6 - check for positive
424. Crypto Composer - check for positive
425. PolyCrypt 1.2 - check for positive

Armadillo Custom v3.x
Armadillo Custom v4.x
Armadillo Custom v5.x ... sdk
... and many more freeware packer - Need for Protect - Mirror by [ Nytro ] - AUS...

Are the most of them Packer, Compressor, Protectors Virus Creators or False Positive ??? (exclude Binders stub)

Some excellent awards winner AV Products sucks by detection if one from the freeware packers / Protectors is used (exclude UPX) in patches and others?


REM: Commercial Product info are incomplete

some samples by Shareware: Quick Batch File Compiler (a Bat to Exe converter, compiler) http://www.abyssmedia.com/quickbfc/ Shareware from: Abyss Media shown as negative vs. Freeware: Bat To Exe Converter 1.3.x - 1.4 all Versions from www.f2ko.de shown as positive (false positive!!!) in many AV's also see nirsoft's freeware collection.
...

No comments:

Post a Comment