Techsmith Products Hook

[CodeCracker]

https://www.virustotal.com/gui/file/e4f32d000f0d02380aadbf91785650ca8baee1519baf6becc439b7293d7b4f0b

trojan.scarletflash/themida

Alibaba Packed:Win64/Themida.5b4b1a04
ESET-NOD32 A Variant Of Win64/Packed.Themida.L Su

Com'on!
From what I could tell the file is protected by Themida so this is why is flagged.

[vetgrapje]

Quote:

Originally Posted by CodeCracker

https://www.virustotal.com/gui/file/e4f32d000f0d02380aadbf91785650ca8baee1519baf6becc439b7293d7b4f0b

trojan.scarletflash/themida

Alibaba Packed:Win64/Themida.5b4b1a04
ESET-NOD32 A Variant Of Win64/Packed.Themida.L Su

Com'on!
From what I could tell the file is protected by Themida so this is why is flagged.

Thank you for your reply and checking out the file, The version I had downloaded before differs from the original version (This topic). I searched if Jasi2169 released a different version of this hook before, this does not seem to be the case so I assume the version I had downloaded before is bundled with something else. I can't think of a good reason to pack a perfectly functioning hook with something other then a virus.

Thanks Jasi2169 I'll have to check out "tsrh team forums", (I'm not finished reading topics on this forum yet, reserve engineering and patching is very interesting to me, I may have found a new hobby )

[Jasi2169]

Quote:

Originally Posted by CodeCracker

https://www.virustotal.com/gui/file/e4f32d000f0d02380aadbf91785650ca8baee1519baf6becc439b7293d7b4f0b

trojan.scarletflash/themida

Alibaba Packed:Win64/Themida.5b4b1a04
ESET-NOD32 A Variant Of Win64/Packed.Themida.L Su

Com'on!
From what I could tell the file is protected by Themida so this is why is flagged.

Plus leaked themida we all use in scene i guess, i never checked though

[Moe]

Quote:

Originally Posted by Jasi2169

Plus leaked themida we all use in scene i guess, i never checked though

"We all" ? No... Most crackers do not use such leaked packers since they get blacklisted on most of modern windows systems. You can check if you don't believe me.

[Jasi2169]

Quote:

Originally Posted by Abdul Moeed

"We all" ? No... Most crackers do not use such leaked packers since they get blacklisted on most of modern windows systems. You can check if you don't believe me.

I dnt know abt ur experience, since last decade i have seen, the releases are packed most of the time, to save its integrity , no one will purchase or use purchased protectors own copies on cracks and stuff.

Some might use open source as well, but once the release is packed most AV companies just mark it as virus false positive without taggent or know publisher tag.

Even mine purchased eazfuscator and it was marked as virus on packed a simple file, just a signature based games