4 more free console tools added


Wayne - DiamondCS
February 19th, 2006, 11:49 PM
Now up to 25 free tools ...
http://www.diamondcs.com.au/downloads/consoletools.zip

ErrorDesc - If you've ever been frustrated by unhelpful error numbers like "Error #82 occurred" this tool can help. You simply give it the error number and it will query the operating system for a description about that error number. It also queries an internal database of over a thousand NTStatus error codes.

BIOSDump - An MS-DOS-based tool that allows you to view BIOS (and extensions which it scans for) and also save as files.

MemDump - Also an MS-DOS-based tool, this allows you to view memory from 0000:0000 to FFFF:FFFF. For example, "memdump F000:FFF5, 8" will show your BIOS date - BIOS itself can be found at F000:0000.

Htm2Txt - You can easily save web pages as text from your web browser but I needed to do this with a lot of files, so I put this tool together to allow for large-scale batch conversions. Most people won't get any use out of this tool but seeing as I had to write it anyway I've thrown it into the collection for those who may need it.


The console tools haven't been officially released yet as we're still testing and adding to the collection, so they can be considered betas and feedback is welcome.

sukarof
February 20th, 2006, 06:42 AM
Of course it is a false positive, but interesting: when I download with Internet Explorer, NOD32 gives me this
And when I download it with Firefox it gives me an error : {QUOTE-> "Consoletools.zip could not be saved, because the source file could not be read" <-QUOTE}
Any ideas?

Jooske
February 20th, 2006, 06:53 AM
You know you can trust the files, so don't worry.

sukarof
February 20th, 2006, 06:55 AM
{QUOTE-> You know you can trust the files, so don't worry. <-QUOTE}

Yes I know DiamondCS can be trusted, I am not worried at all :)
Just a bit curious why it happens.

Wayne - DiamondCS
February 20th, 2006, 09:33 PM
My guess is that NOD is probably scanning inside the ZIP and detecting that one or more files is packed with an executable compressor that it isn't aware of (hence the loose generic detection rather than any specific names). I'll alert Happy Bytes to have a look for me, as all our programs are compressed in the same way, but you've already come to the correct conclusion in that the files are perfectly safe and incorrect generic detections from anti-virus scanners are not uncommon. :)

sukarof
February 21st, 2006, 03:50 AM
Thanks for your reply and explanation, Wayne.

Happy Bytes
February 21st, 2006, 04:11 AM
False Positive or better not really a false positive, but the heuristic thinks this looks suspicious. It looks indeed suspicious (from the view of asm opcodes and how they take place) but the file is completely free of malware.
Will be fixed with one of the next updates.

Happy Bytes
February 23rd, 2006, 03:40 AM
Ok, sorry guys, I was pretty much busy.

So...

First comment: Wayne, please replace the file openports.exe in this ZIP file with a valid PE32 executable. The file that you provide there is damaged.
In technical detail, the RVA of the last section is messed up - this results in a damaged Win32 application because the loader refuses to load such a damaged section. This also was the problem with the heuristic: the file looks "like" a dead-infected file infector victim. However, it isn't infected.

The original openports.exe, which you can download manually, doesn't have this problem since it's a proper Win32 executable.

Mike
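
Added example, not part of the original thread and not code from any of its posters: a Python check of the PE32 section-table property the post above describes. It assumes the commonly described Windows loader layout rules (sections contiguous in ascending RVA order at SectionAlignment granularity, SizeOfImage ending where the last section ends); the thread does not say exactly what was wrong in openports.exe, and `build_sample` produces a constructed header, not that file.

```python
import struct

def align_up(value, alignment):
    return (value + alignment - 1) // alignment * alignment

def check_pe32_sections(data):
    """Return a list of section-table problems found in a PE32 image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return ["missing MZ header"]
    (pe,) = struct.unpack_from("<I", data, 0x3C)            # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        return ["missing PE signature"]
    (count,) = struct.unpack_from("<H", data, pe + 6)       # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, pe + 20)   # SizeOfOptionalHeader
    opt = pe + 24
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        return ["optional header is not PE32"]
    (align,) = struct.unpack_from("<I", data, opt + 32)     # SectionAlignment
    if align == 0:
        return ["SectionAlignment is zero"]
    image_size, hdr_size = struct.unpack_from("<II", data, opt + 56)
    problems = []
    expected = align_up(hdr_size, align)    # assumed: first section follows headers
    for i in range(count):
        entry = opt + opt_size + 40 * i     # each section header is 40 bytes
        name, vsize, rva, raw_size = struct.unpack_from("<8sIII", data, entry)
        name = name.rstrip(b"\0").decode("ascii", "replace")
        if rva != expected:
            problems.append(f"{name}: RVA {rva:#x}, expected {expected:#x}")
        expected = rva + align_up(vsize or raw_size, align)
    if image_size != expected:
        problems.append(f"SizeOfImage {image_size:#x}, expected {expected:#x}")
    return problems

def build_sample(last_rva):
    """Constructed two-section PE32 header (headers only, no code or data)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)             # PE32 magic
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)   # section / file alignment
    struct.pack_into("<II", opt, 56, 0x3000, 0x200)   # SizeOfImage / SizeOfHeaders
    def section(name, vsize, rva):
        return struct.pack("<8sII", name, vsize, rva) + b"\0" * 24
    return (dos + coff + bytes(opt)
            + section(b".text", 0x800, 0x1000) + section(b".data", 0x100, last_rva))

if __name__ == "__main__":
    for label, rva in (("intact", 0x2000), ("damaged", 0x5000)):
        print(label, check_pe32_sections(build_sample(rva)))
```
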

GUI_Tex
February 24th, 2006, 12:44 AM
How do you run them from batch files?

I'm trying to get cmdline.exe to work.. I put a pause command but it still closes itself...


start "" "C:\files\consoletools\cmdline.exe" /?
pause

Wayne - DiamondCS
March 2nd, 2006, 01:17 AM
{QUOTE-> First comment: Wayne, please replace the file openports.exe in this ZIP file with a valid PE32 executable. The file that you provide there is damaged. <-QUOTE}
It's a valid PE exe alright - the program runs doesn't it? :)
I'll message you more details soon

Cheers,
Wayne

Happy Bytes
March 2nd, 2006, 01:58 AM
No, the program doesn't run. 500.000 tries - 500.000 crashes. Windows XP, Windows 2000. (Even Dr. Watson catches this one)

Wayne - DiamondCS
March 2nd, 2006, 02:03 AM
Ahh! Ok, yep that version is definitely corrupted. If it isn't alerting on any of the other tools then that's fine, I'll just rebuild openports.exe and reupload. Cheers!
PS. I've cleared my inbox *sigh* :)