I’m looking forward to deploying PowerArchiver 2023 to my users. Can you tell us when the MSI will be available for download and distribution?
Thanks.
Just tried using the Modern (Windows 10) Icon set and seeing a few missing icons in both PowerArchiver Burner and PowerArchiver Encryption screens . They are all there in the Minimalistik icon set and the only difference I can see is the former is blue and the latter grey. In version 22.00.9
powerarc_2023-09-18_17-00-19.png
powerarc_2023-09-18_17-01-05.png
Hi there,
there were some security issues fixed in 7zip:
https://www.zerodayinitiative.com/advisories/ZDI-23-1165/
https://www.zerodayinitiative.com/advisories/ZDI-23-1164/
As it seems, that PowerArchiver and PACL use the 7zip libraries, could you please update them to the latest version?
Hi,
From where I get PAVD2023.EXE? PowerArchiver 2023 tries to open it.
But it seems, it tries to download PAVD2021.EXE.
Thanks
I noticed that the version of ZPAQ used is older than the latest released 7.15 https://mattmahoney.net/dc/zpaq.html also there seems to be a newer fork that adds several features https://github.com/fcorbelli/zpaqfranz
It would be useful to implement this latest version (it also maintains the same syntax and behavior as the latest official release if used the -715 flag) and add when opening a zpaq file a choice of the version of the files to show (e.g. as dummy folders represented the various versions present). Since any previous changes are stored with this format, it is possible to extract a snapshot of a certain date/version.
If I open a password-protected zipper file (created with WinRAR but I think that’s irrelevant), open it with PowerArchiver and run “Remove Encryption” on the same file, then reopen it and add a password with “Encrypt Archive,” the resulting archive will be protected with the old ZipCrypto algorithm and not AES as indicated.
(this can be verified, for example, by trying to open the archive files with Windows Explorer, which does not support the AES algorithm)
PA 21.00.18 running on Windows 7 64 bit.
I made a big .PA file and thought I’d check it was made correctly with Menu / Actions / Test.
Discovered:
a) PA always issues a UAC prompt to do this!
b) PA always says there are many errors in PA files.
Powarc964.exe causes malware alert in Prevx1
-
When I try to run powarc964.exe to install the latest PA, the malware monitor, Prevx1, prevents it from running. The error is shown here:
IS-681VH.TMP
Determination: Bad
IS-681VH.TMP
AUTOMATED MALWARE PROFILE, ANALYSIS, REMOVAL AND SIGNATURE INFORMATION:
DEFINITION OF: IS-681VH.TMP- Safety Rating: Known Malware, do not run
- Malware Family: Part of Malware group - Covert Sys Exec
- Determination: Automatically determined using Prevx1 centralized heuristics
- Malware Form: EXPLOIT
- Protection: Prevx1 is a very powerful PC security product, it will protect, disinfect, cleanup and remove IS-681VH.TMP and safeguard your PC against viruses, trojans, worms, spyware, rootkits and adware
- New Users: You can download the full Prevx1 product and use it to cleanup and remove IS-681VH.TMP and other infections free of charge, then leave it to monitor your PC for other infections
- First seen: Oct 21 2006 (GMT)
- Last seen: Oct 21 2006 (GMT)
- File Size: 689,152 bytes
MALWARE ASSESSMENT: PREVX 4 AXES OF EVIL METHODOLOGY
1. COVERT ANALYSIS OF: IS-681VH.TMP- File Names Used: 35
- Paths Used: 35
- Common File Name: IS-681VH.TMP
- Common Path: %temp%\is-0gsic.tmp\
- Vendor Information: No Vendor details specified
- Product Information: Setup/Uninstall
- IS-681VH.TMP may use 35 or more path and file names, these are the most common:
- 1 :%temp%\is-1v55a.tmp\IS-AUJIV.TMP
- 2 :%temp%\is-2u1hm.tmp\IS-HSETM.TMP
- 3 :%temp%\is-37902.tmp\IS-TUFH8.TMP
- 4 :%temp%\is-3de7g.tmp\IS-DFU95.TMP
- 5 :%temp%\is-3nhjp.tmp\IS-63SN9.TMP
- 6 :%temp%\is-4qnvd.tmp\IS-FIEFD.TMP
- 7 :%temp%\is-5sk0u.tmp\IS-CB8NE.TMP
- 8 :%temp%\is-7b0ie.tmp\IS-AKRN6.TMP
- 9 :%temp%\is-83u11.tmp\IS-C4425.TMP
- 10:%temp%\is-8ek9q.tmp\IS-KAN4Q.TMP
- 11:%temp%\is-8s49d.tmp\IS-VCHQO.TMP
- 12:%temp%\is-9jp6h.tmp\IS-HSSN2.TMP
- 13:%temp%\is-9m8nd.tmp\IS-9RKTN.TMP
- 14:%temp%\is-9omjg.tmp\IS-GUOH0.TMP
- 15:%temp%\is-agl9s.tmp\IS-AFO7I.TMP
- File Name Structure: Normal
- File and Path Structure: Suspicious, code execution from unusual location
2. RELATIONSHIP ANALYSIS OF: IS-681VH.TMP
- Malicious Objects Created: 1 objects
- Malicious Creators: None
- Malware Run Keys: None
- Self Persists:
- Antivirus Detection: No third party antivirus detection observed
- Anti-Spyware Detection: No third party anti-spyware detection observed
3. ACTIVITY ANALYSIS OF: IS-681VH.TMP
- The following behaviors have been observed for this object:
- Installs programs.
- Deletes programs.
- Creates Run Once Keys.
- Runs temporary programs.
- Runs other programs.
- Creates known malware.
4. PROPAGATION ANALYSIS OF: IS-681VH.TMP
- Malware Group Propagation Rate: Moderate (spreading)
- Malware Group: Covert Sys Exec
- Copyright Prevx Limited 2005, 2006
-
If you know the website of that company or use their product, please let them know of false positive.
Apperantly Inno Setup is considered malware, which is ridicilous?!
So many of these so-called “anti-malware” products are complete garbage.
Please report it and let us know of their website so we can report it as well.
thanks,
-
I did report the false positive. The product is Prevx1 v2.0.5 Build 6 and the web site is www.prevx.com
-
I did report the false positive. The product is Prevx1 v2.0.5 Build 6 and the web site is www.prevx.com
seems to be fixed?
Still, it is pretty incredible that someone can simply tag every install created by one installation tool as malware…
