Generic Packed (Trojan)

Discussion in 'Trojan Defence Suite' started by Source, Feb 27, 2005.

Thread Status:
Not open for further replies.
  1. Source

    Source Guest

    Was identified by McAfee but not TDS-3
     
  2. quexx88

    quexx88 Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    235
    Location:
    Radnor, Pennsylvania
    Submit the file to DiamondCS and they will add it to the database.
     
  3. Source

    Source Guest

  4. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Also - if it was "packed" and you don't have TDS set to scan in archives, it won't see it until it attempts execution I do believe.
     
  5. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    All this detection says is "file is compressed". No extra information available, but all you saw was a packer warning. Lots of legitimate files are packed.

    Its not a trojan, no detection added. Its a keygenerator/crack
     
  6. Source

    Source Guest

    McAfee refers to it as a trojan
    http://vil.nai.com/vil/content/v_130817.htm

    Trojan Information: Generic packed
    Discovery Date: 02/23/2005
    Origin: Unknown
    Length: N/A
    Type: Trojan
    SubType: Win32
    Minimum DAT: 4419 (01/12/2005)
    Updated DAT: 4432 (01/12/2005)
    Minimum Engine: 4.3.20
    Description Added: 01/12/2005
    Description Modified: 01/12/2005 8:57 AM (PT)

    Thanks for your help Gavin. Is this a false positive by McAfee then?
     
Thread Status:
Not open for further replies.