
Author Topic: Boomerang  (Read 13578 times)


Offline Axon

Boomerang
« on: March 06, 2012, 09:07:41 AM »

A general, open source, retargetable decompiler of machine code programs




http://boomerang.sourceforge.net/

Offline strong115

Re: Boomerang
« Reply #1 on: March 02, 2013, 11:10:48 PM »
The Boomerang file is infected by a virus; its name is:

Variant:Trojan.Spy.Zbot.Bncb



Offline Corrupted_Fear

Re: Boomerang
« Reply #2 on: March 03, 2013, 12:00:23 AM »
Most likely a false positive, don't have the resources to check myself, but Axon, being a VIP and respected member, isn't one to post virus-infected content here.


Edit: just by looking at the index page and the docs for it, it looks like a very respectable and well-written program. Virus presence is extremely doubtful. Just cuz the antivirus says so doesn't mean it's true.
« Last Edit: March 03, 2013, 12:01:36 AM by Corrupted_Fear »

by | Angel | Devil |

"Welcome to le trove that is my home. Welcome to EvilZone." -- DeepCopy

Offline strong115

Re: Boomerang
« Reply #3 on: March 03, 2013, 12:57:31 AM »
In a computer network there is no such word as "respect". Never trust anyone, because I do not know this one in real life. I am in virtual, so all is possible, regardless of the fact that he is VIP and of his intentions. Everyone makes mistakes, because however skilled someone is, he is always imperfect. On the other hand, if the Boomerang file is not infected, can you tell me why the antivirus said that it is infected? Why is the test a false positive? And how to tell if the antivirus is wrong? How to know whether a file is really infected or not? And most importantly, could you please tell me how to find a virus without using an antivirus? Can you answer my questions? I am interested in learning through your answers.

Offline Corrupted_Fear

Re: Boomerang
« Reply #4 on: March 03, 2013, 02:20:09 AM »
Didn't mean to upset you, but here we do have respect, believe it or not. Just because somebody doesn't know your face doesn't mean they know you as a person. Take for example one of our members Uriah. He signed on about the same time I did, we hit it off relatively well, and through his recent extremely logical and well thought out argument about Anon, Anarchy, and government, he shows himself to be a very knowledgeable person and clearly is able to think things out. The end result being, I have a respect for him, having never met him in my life.


http://evilzone.org/general-galactica/anon-anarchy-and-current-government


Now for the antivirus. I am no expert on the subject, but what an antivirus does is scan a program's code, the actual binary I believe (not sure on that one), and look for certain patterns that a virus would have, like telling the machine to reconnect to a certain IP, etc. The thing is, these are patterns, and sometimes the AV can be overzealous, and if it sees something that just might in any way possible at all pose even a very small threat of danger, it counts it as a virus and jails it. You can usually tell about the reputation of a program by looking at its download page. If it's off a random torrent, then you most likely have a virus; if it's off a SourceForge page with lots of support and changelogs and docs with ways to contact the writer, basically very professional looking, then it's probably not a virus. You can also monitor what it is trying to do by running it in a sandbox and viewing its attempted connections or file access. As for finding a virus with an AV, I'm not sure of any set way to just examine a file without any extra tools and come to the conclusion of a virus or not, but the best thing you can do is set up your security. I have an antivirus and a 3rd party firewall that monitors everything, and most importantly, I watch what I download. Same thing as before, downloading from a shady site without much docs is usually a bad idea. Once again, I am merely in the same boat as you, a beginner, I've just been rowing a bit longer. Perhaps these threads will help:


http://evilzone.org/tutorials/become-an-antivirus


http://evilzone.org/ebooks/the-art-of-computer-virus-research-and-defense
« Last Edit: March 03, 2013, 02:21:04 AM by Corrupted_Fear »

by | Angel | Devil |

"Welcome to le trove that is my home. Welcome to EvilZone." -- DeepCopy
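The pattern matching described in the reply above, as an added example that is not part of the original thread: a small byte-signature scanner showing how a loose pattern flags a harmless tool while a stricter rule does not. The signature names, hex patterns and sample byte strings are all constructed for illustration and come from no real antivirus product.

```python
import re

def compile_sig(hex_pattern):
    """Turn 'DE AD ?? BE' style hex (?? = any byte) into a bytes regex."""
    parts = [b"." if tok == "??" else re.escape(bytes.fromhex(tok))
             for tok in hex_pattern.split()]
    return re.compile(b"".join(parts), re.DOTALL)

# Constructed signatures: name -> patterns that must ALL be present.
SIGNATURES = {
    # One short, common string: the "overzealous" kind of rule.
    "Loose.SocketUser": ["63 6F 6E 6E 65 63 74"],            # ASCII "connect"
    # Same string plus a second, rarer byte sequence.
    "Strict.Beacon": ["63 6F 6E 6E 65 63 74", "DE AD ?? ?? BE EF"],
}

def scan(data, signatures=SIGNATURES):
    """Return {signature name: [offset of first hit per pattern]}."""
    hits = {}
    for name, patterns in signatures.items():
        offsets = []
        for pattern in patterns:
            match = compile_sig(pattern).search(data)
            if match is None:
                break                      # one pattern missing: no detection
            offsets.append(match.start())
        else:
            hits[name] = offsets
    return hits

def context(data, offset, width=12):
    """Printable view of the bytes around a hit, for manual triage."""
    chunk = data[max(0, offset - width): offset + width]
    return "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)

# Constructed samples: a harmless tool whose help text mentions "connect",
# and a file that also carries the rarer marker bytes.
BENIGN_TOOL = b"MZ\x90\x00" + b"usage: tool connect <host>\x00" + b"\x00" * 8
FLAGGED = b"MZ\x90\x00" + b"connect\x00" + b"\xde\xad\x01\x02\xbe\xef"

if __name__ == "__main__":
    for label, sample in (("benign tool", BENIGN_TOOL), ("flagged", FLAGGED)):
        for name, offsets in scan(sample).items():
            print(label, name, offsets, repr(context(sample, offsets[0])))
```

Looking at the bytes around the hit in the benign sample shows the match sits inside a usage string, which is the kind of evidence that separates a false positive from a real detection.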

Offline techb

Re: Boomerang
« Reply #5 on: March 03, 2013, 03:20:44 AM »
lol, run an AV scan for most all `hacking` software and see where it gets you. Cisco wants to block me from even coming to EZ because EZ will ruin my PC.

As long as there is source code, look for yourself and compile it yourself. Let's take a step back from being skids here: if you can understand the source and know what you're compiling, then what is there to harm? I have had AVs say my Python script using raw sockets is bad...

I will even make it easy for you, you can browse the SVN from your internet browser.
http://boomerang.svn.sourceforge.net/viewvc/boomerang/trunk/boomerang/
>>>import this
-----------------------------

Offline strong115

Re: Boomerang
« Reply #6 on: March 03, 2013, 05:31:27 AM »
techb legend, maybe you can help me and give me some advice.
I searched for a decompiler because I want to decompile some programs and see their source code. The problem is the following:
whenever I try to use Boomerang it says "load fail", and it seems to me that it says so because the program I tried to decompile (CCleaner) is protected and encrypted so that no one can decompile it, for cloning and cracking reasons. If I am wrong, correct me please.

Then I tried to use .NET Reflector, which is unable to decompile exe files as some of them are not .NET models and do not contain metadata for the .NET assembly environment.
There is another one, but it is sponsored: SPICES decompiler.

So can you give me a link to a good, efficient decompiler, or can you advise me what to do to decompile the programs I want? Tell me what I can do, guide me in the right way.
I want to learn.



Offline strong115

Re: Boomerang
« Reply #7 on: March 03, 2013, 05:54:07 AM »

Offline Axon

Re: Boomerang
« Reply #8 on: March 03, 2013, 11:05:31 AM »
Most tools used in hacking and security are flagged by AVs as infected files. Disable your AV and run process monitor software; check for any suspicious process.
« Last Edit: March 03, 2013, 11:05:56 AM by Axon »

Offline ande

Re: Boomerang
« Reply #9 on: March 11, 2013, 01:54:15 PM »
> The Boomerang file is infected by a virus; its name is:
>
> Variant:Trojan.Spy.Zbot.Bncb

> In a computer network there is no such word as "respect". Never trust anyone, because I do not know this one in real life. I am in virtual, so all is possible, regardless of the fact that he is VIP and of his intentions. Everyone makes mistakes, because however skilled someone is, he is always imperfect. On the other hand, if the Boomerang file is not infected, can you tell me why the antivirus said that it is infected? Why is the test a false positive? And how to tell if the antivirus is wrong? How to know whether a file is really infected or not? And most importantly, could you please tell me how to find a virus without using an antivirus? Can you answer my questions? I am interested in learning through your answers.

> techb legend, maybe you can help me and give me some advice.
> I searched for a decompiler because I want to decompile some programs and see their source code. The problem is the following:
> whenever I try to use Boomerang it says "load fail", and it seems to me that it says so because the program I tried to decompile (CCleaner) is protected and encrypted so that no one can decompile it, for cloning and cracking reasons. If I am wrong, correct me please.
>
> Then I tried to use .NET Reflector, which is unable to decompile exe files as some of them are not .NET models and do not contain metadata for the .NET assembly environment.
> There is another one, but it is sponsored: SPICES decompiler.
>
> So can you give me a link to a good, efficient decompiler, or can you advise me what to do to decompile the programs I want? Tell me what I can do, guide me in the right way.
> I want to learn.

> Sorry, I already got the answer
> in namespace7's tutorial
> http://evilzone.org/reverse-engineering/%28problem%29-how-to-extract-the-source-code-of-any-program/



I am very rarely this much of an ass. But seriously, you need to learn how to write, behave, use a forum, common sense and knowledge and most of all how to google.
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

 


