new loader "D2Loader-1.11b02.zip" safe?

[madderThanu]

Has anyone tried the new version of loader (D2Loader-1.11b02.zip)? I saw it at battleforums but no one said if it is safe or not, I send it to virusscan.jotti.org and it says it is ok... but i dont know.

download: http://rapidshare.de/files/4886278/D...11b02.zip.html

File: D2Loader-1.11.exe
Status:
OK
MD5 102c93a5ea90b88130db767b7282c5ac
Packers detected:
-
Scanner results
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
UNA
Found nothing
VBA32
Found nothing

[sXp]

So noone have try it ? Please if someone did tell us, because the problem with the crack mh maybe its because of the loader.

[Paper183]

it would be nice if someone tested it... cause if it stops errors that would be really great for mh

edit: link does not seems to work

[Causmetics]

So noone have try it ? Please if someone did tell us, because the problem with the crack mh maybe its because of the loader.

MP's MH with easycrack or any other crack I've tried crashes with the original diablo executable, it's not a problem with loader it's likely a problem with the MH itself.

My scenario is confirmed by many others in the same situation.

[slashbomb123]

Its new. The original 1 is b01 and urs is b02. Well i wont trust it since i dunno who made that loader. I wouldnt trust ONLYER cause i think his loader got me banned. Currently, im using 1 made my DARK_MAGE- which i think is safest since i never got banned from using dark_mages loader

[Paper183]

onlyer's loader didnt get anyone banned... it couldn't unless you misused a plugin wich is very unusual

[madderThanu]

Well I was stupid and ran it anyway . my norton internet security didn't give any warning and it seems to work just like the old b01 1.11 loader, there is supposed to be a fix for the C/I when you multi key but i dont have a key to test.

here is the changes from the .txt file:
D2Loader v1.11b02 Sep 09 2005
-----------------------------
Added some code to the resource section to support extra hacks which wouldn't
fit in any other places. This may cause some virus scanners to go crazy since
code shouldn't be running from the resource section :). It's quite safe, just
heuristic scanners may give false positives. This new code section also makes
it much easier to extend D2Loader functionality at a later time if needed.

New in this build is a bnclient.dll patch to generate the bncache name based
on the PID of the D2Loader process. This prevents multiple D2s trying to lock
the file (and subsequently one of them dropping with C/I). If you missed the
point there, multiple D2Loaders can now run on bnet at the same time without
having to copy a ton of .exe/.dll files all over the place.

Also a few minor improvements, SetErrorMode is called on init to prevent the
annoying "No Disc In Drive / Continue/Try Again/Ignore" dialog boxes that can
occur if you run D2Loader with virtual CD and/or empty CD drives. Any fatal
errors such as missing MPQ files on startup are now shown in a message box so
you can actually see what the problem is rather than having the loader exit.
Finally, FlushInstructionCache is called after patches are done to ensure no
problems arise from not doing so.

A word of warning, "Warden" - Blizzard's new hack detection software - can
easily be updated (if it doesn't already) to detect D2Loader usage. You take
a risk as with any 3rd party hacks - while I personally would hope something
as simple as self-muling and running without the CD is fairly harmless, it's
ultimately up to Blizzard. This version of the loader is unable to load any
plugins so it can't be used to load any further hacks, but again, it's your
choice to run it.

here is a picture of it running on bnet:

[slashbomb123]

So does Dark_mages- loader :P Well i can still run 2 diablo 2 at once cause it the priority u set ur Diablo II at. Go to task Manager and make sure Diablo II is set at Normal for the best performance, not Below Normal.

[Guju-]

Arg I tried it and its aint working :/ ill try again..

[reckstar]

doesnt work for me either
edit: it works you have to run it in windowed mode

*Fullscreen/D3d UNTESTED, not recommended!*
in readme

[asgaroth]

patch out sept 13. loader build sept 09. isnt this strange?

[reckstar]

Version History
---------------
D2Loader v1.11b02 Sep 09 2005
-----------------------------

in txt =p maybe he forgot to edit something? =o

[Guju-]

damn shit.. keylogger??

[asgaroth]

i think its for 1.11, not for 1.11b.
this version fixed some things with multiple d2s etc... check the readme...

[reckstar]

actually it works, you just have to start it in windowed mode

[Quantum_C]

can anyone varify that this is NOT a keylogger.....wait nvm ill do that.


I am taking the assumtion that people who have keyloggers (most dont make their own) cant update d2loader anyways ill report back

It didnt work for me (tell me if anyone gets it working)


BUT my best Guess that it is a V1.11 d2loader key logger

As far as i can see it wont work for the new patch

[nsx6]

loader isn't working...don't bother downloading it

[rojak]

doesnt work for me either. gives a line #598 error. =/

[madderThanu]

This was for the original v1.11, now v1.11b is out so this loader no longer work . Maybe we see a new release soon at http://d2loader.webhop.net (in readme?) keep eyes open!

[fernando2682]

***************************************
WARNING - WARNING - WARNING - WARNING
***************************************


This is a report processed by VirusTotal on 09/14/2005 at 16:45:29 (CET) after scanning the file "D2Loader-1.11.exe" file. <table id="resultados" border="0" cellpadding="0" cellspacing="0" rules="all"> <thead><tr><td>Antivirus</td><td>Version</td><td>Update</td><td>Result</td></tr></thead><tbody><tr><td>AntiVir</td><td>6.32.0.3</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>Avast</td><td>4.6.695.0</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>AVG</td><td>718</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>Avira</td><td>6.32.0.3</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>BitDefender</td><td>7.0</td><td>09.02.2005</td><td>no virus found</td></tr><tr><td>CAT-QuickHeal</td><td>8.00</td><td>09.14.2005</td><td>(Suspicious) - DNAScan</td></tr><tr><td>ClamAV</td><td>devel-20050725</td><td>09.13.2005</td><td>no virus found</td></tr><tr><td>DrWeb</td><td>4.32b</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>eTrust-Iris</td><td>7.1.194.0</td><td>09.13.2005</td><td>no virus found</td></tr><tr><td>eTrust-Vet</td><td>11.9.1.0</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>Fortinet</td><td>2.41.0.0</td><td>09.07.2005</td><td>suspicious</td></tr><tr><td>F-Prot</td><td>3.16c</td><td>09.13.2005</td><td>no virus found</td></tr><tr><td>Ikarus</td><td>0.2.59.0</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>Kaspersky</td><td>4.0.2.24</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>McAfee</td><td>4580</td><td>09.13.2005</td><td>no virus found</td></tr><tr><td>NOD32v2</td><td>1.1217</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>Norman</td><td>5.70.10</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>Panda</td><td>8.02.00</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>Sophos</td><td>3.97.0</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>Symantec</td><td>8.0</td><td>09.13.2005</td><td>no virus found</td></tr><tr><td>TheHacker</td><td>5.8.2.106</td><td>09.14.2005</td><td>no virus found</td></tr><tr><td>VBA32</td><td>3.10.4</td><td>09.13.2005</td><td>no virus found</td></tr></tbody> </table>

As you can see, two scanners found it "suspicious." This doesnt mean it has a logger or virus 100% for sure, but it may have a new variant or a custom key logger or virus that has not been discovered yet. Just to be sure, I AM NOT using this and WILL NOT use it. Everyeone, be on the look out.

-Fernando

******************
EDIT:
******************

I have just scanned the D2Loader that was working up until yesterday, with patch 1.11 Diablo, and it the same "suspicious" from DNA scan but does not get the "suspicious" from fortinet. DO what you want with that info, I’m just throwing it out there.