PDA

View Full Version : daemon333.exe a trojan horse?



grumpel
01.10.2003, 00:05
i browsed my hd recently and my AntiVir proggy reported this:

http://mitglied.lycos.de/grumpelpumpel/hc_002.gif

LocutusofBorg
01.10.2003, 00:11
simple answer:

no, Daemon Tools isn't a trojan horse, virus or similar malware.
Your Virusscanner is crap, that's all

You can download daemon333.exe and send it to experts to proof our statements, like symantec or similar institutions

Andareed
01.10.2003, 00:17
Setup is packed with winrar, which uses upx. Virus scanners will sometimes claim that upx is a virus because of the way it unpacks.

LocutusofBorg
01.10.2003, 00:25
Hehehe, what a crap Virusscanner, if every file is identified as virus, simply because it's rar-packed, you can better trust your nose instead of the virusscanner. I prefer f-prot, even Norton Antivirus is a good solution (and moreover doesn't identify daemon tools as virus/trojan)

What's strange is, that your scanner identify our program as trojan - or to be more specific, an icq-flood script, if I understand the message right.
really strange

grumpel
01.10.2003, 15:27
im pleased with it so far... no $ for comercial stuff :/

LocutusofBorg
01.10.2003, 16:53
It's not my task to tell you what scanner you should use, but if a scanner can't tell the difference between a simply upx-packed archive or a trojan, it isn't even worth $0. At least when it comes to security I prefer professional solutions - that doesn't mean it must cost a thing.

johngalt
03.10.2003, 06:35
OMG, yes, there was a free one back several years ago - can't remember the name of it, but it got rave reviews - until some serious testing was done on it. Turned out the author had a falling out with his G/f and the AV program would rename files that had his g/f's name in it . I cannot remember it now, but I recall it came out around the same time as the original F-prot, I think.

masashi
26.01.2004, 15:18
i browsed my hd recently and my AntiVir proggy reported this:

http://mitglied.lycos.de/grumpelpumpel/hc_002.gif

Nsaneice
28.03.2004, 05:39
The reason your Anti-virii sees UPX as a Trojan is becuase most IRC bots, and warez files are packed with UPX...

So its doing its job.
(hope I am not banned for this answer)

LocutusofBorg
29.03.2004, 01:58
no, we don't ban someone for unprofessional answers. But if you want to
be taken serious, you should first READ this thread (because we already
mentioned that it's possible that the mentioned scanners simple have a
problem with upx-packed files)

and more important, second: this is simple bullshit. Nowadays, many
virii comes as .exe files or even crypted .zip-archives. Should it ban all
.exe and .zip-archives as well? If a scanner is unable
to tell the difference between a upx-packed file and malware, it's worth
NOTHING (even if it's a free solution, it's simple crap!)

Maybe I create a new kind of virus-scanner, with a pop-up box in case
you download a file: "Warning: You download a file!!!! This file may contain
a virus!!! delete it immediately!!"