Hello Marek, >> I think I will not ignore it, at least for the moment. > > thebat.exe is protected against cracking and seems NOD32 detects this, even > I have ESET Smart Security virusbase 3537 and have no warning about exe.
In my first message I said "when downloading completes". So, what NOD32 is analysing with module IMON (for POP3 and HTTP) is the HTTP download of the rar file, and it gives the warning because I have the ThreatSense option "Potentially undesirable applications" (translated from Spanish) selected. This is the warning I get: Time: 20/10/2008 15:49:59 Module: IMON Object: Compressed archive Name: http://www.ritlabs.com/download/files3/the_bat/beta/tb403416.rar Warning: Probably a modified variant of Win32/Packed.Themida If I deselect the above mentioned option, I don't get the warning. It is the first time I get any warning when downloading a tb.rar file, so there must be something new and unique to this one. I get the warning with virusbases 3537 and 3538. But then, if I scan thebat.exe, I get no warning. So, go figure! -- Best regards, Miguel A. Urech (El Escorial - Spain) Using The Bat! v4.0.34.16 (ALPHA) on Windows XP 5.1 Service Pack 3 ________________________________________________________ Current beta is 4.0.34.16 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
