Virus found by NAV2003 in TDS3 demo

While running TDS-3 (demo) for the first time (it's still running now), Norton Antivirus alerted that virus Hacktool.Exebin was found in ..\TDS3\xDynamic\TDS.Unpk\exebindev.exe.

Has anyone else seen this?

 

RE: Virus found while running TDS-3 demo

I identified the TDS-3 path, and the virus name, incorrectly.

Found by Norton Antivirus 2003 while running the demo. I just downloaded and installed it today, and it's still scanning.

This is the alert I received from NAV:

Object Name: ..\TDS-3\xDynamic\TDS.Unpk\exebinder.exe

Virus Name: Hacktool.exebind

Action Taken: Unable to repair this file


Here is what the Symantec site says about this "virus"

"Hacktool.Exebind itself is not a virus, worm, or Trojan. It is a tool that is used by hackers to bind several executable files into one big distributable package. This tool is frequently used by hackers who create Trojan horses. Norton AntiVirus will detect all Trojan horses that are created by this tool.

If you have a file that is detected as Hacktool.Exebind, it is most probably a Trojan Horse. It is recommended that you submit this file for further analysis, or simply delete it."

Does this imply that DiamondCS are using this tool to pack the program, or do I have a problem?

 

RE: Virus found while running TDS-3 demo

Hi Bruce, no this is not what happened.
The file must be / have been on your system. TDS uses that folder to unpack a file for deeper scanning. Normally it is deleted afterwards, so why this didn't happen this time i'm not sure.
If you scan this same file with TDS, do you get an alarm on it?
And of course i like to know if there is any other place on your system where the same file is found?
And i would really advice you to zip the file and send it to submit@diamondcs.com.au so Gavin will advice you what next to do, and which measures to take if necessary.
It's always good to know your submission is helpful for the internet community as a whole.

Of course i do hope it's a false positive, and if not there might be more files to look for, so don't hesitate too long with your submission! thanks and keep us posted!

Also make suer after the TDS install you get the update from the site, put it in the TDS-3 directory and (re)start TDS.

 

Must have EXEBinder in a zip somewhere, TDS unzipped it to scan it, and the AV jumped in. TDS couldnt scan it or delete it, because the AV locked it (to protect you) Just delete it

 

that strange i have updated tds 3 and updted norton never said that to me


but that stuff happends with other programs

 

Hi Blaze, not seen you in this area for a while!
Were your nasties in zipped form and kept inthere?

 

nah i stop playing with the nastys tds and boclean kept catching them all lol

i was hopeing to find one so i can claime dicovering it and name it after me lol

no such luck jason and them boys have a daily updated data base and i get update alerts from boclean every day now.

so gave up im to secure on this pc lol

of course i just painted a bulls eye on my pc saying that but hopefully if i get hacked i can ask the guy thats doing it how he got threw and how i can fix it so it dont happen algain.

most hackers got twisted or playful since of huemor there not milichiosley evill just very curiouse people

 

Unfortunately some are really destructive too, not all just playing kids.

Blaze i had some nasty a few weeks ago which was a spybot which was infected by a virus and got infected by another virus again, very nice sample, KAV didn't discover nothing in it, Gavin did. Could not name it to myself of course, wouldn't have liked that either, as it was something existing already and i wouldn't like my name connected to some nastyness.
I was proud with the sample of course.

But good to read you're on the bright side of whatever you're doing!

 

im just hanging out reading tds stuffs enjoying the bord

espechialy the new posters very refreshing

 

we all learn from every question, lots of new info!
Glad you enjoy it too and to play with your tools!

 

HMMMM YOU THINK IF I GET LIKE A S#$% LOAD OF NEW SUBSCRIBERS FOR TDS A SIGNIFICANT NUMBER WAYNE AND GALVIN WLL HIRE MORE TDS STAFF SO THEY CAN START ON

MAY I GET A DRUM ROLL PLEAS LOL

Dimond antiviruse pro

 

i know its a dream but how many subscribers would you think it take to motvate such a bold move

 

We're happy enough with the trojans, worms, keyloggers, dialers, bots, drats, snakes, exploits, scrip, polymorphs, the whole lot, what to do with viruses?
Better specialize in something and be the best in that; the whole world is shaking already each time DCS brings another new tool or application for us!

New staff? for even more support? or building more products then the betatesters can taste before public release?

Nice things happening here, true!