[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <734063a30603040441v3beb90d5n7faab639859c8dd7@mail.gmail.com>
Date: Sat, 4 Mar 2006 14:41:45 +0200
From: "Alexander Hristov" <joffer@...il.com>
To: "ad@...poverflow.com" <ad@...poverflow.com>
Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>,
bugtraq@...urityfocus.com
Subject: Re: DSplit - Tiny AV signatures Detector
Well clamav is the best AV for no money and its very good developed
again for no money :)
On 3/4/06, ad@...poverflow.com <ad@...poverflow.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> and it clearly shows clamav is a crap antivirus where the tools like
> DSplit are a problem for them,
> and they will detect DSplit when they can't find a better way to
> detect virus.
>
>
>
> Alexander Hristov wrote:
> > Clamav detects it and can unrar it with the unrar module
> >
> > On 3/3/06, ad@...poverflow.com <ad@...poverflow.com> wrote: DSplit
> > is the small brother of an old tool known as UKsplitter wich is now
> > abandonned, does not work in vmware, fails to run under windows
> > 2003.
> >
> > DSplit has been coded for persons like me, targeted by AV firms and
> > I'm not responsible of the bad uses of it, I recall this method is
> > known since a long time and it's up to the AV firms to review their
> > detections software.
> >
> > http://heapoverflow.com/dem0s/Dsplit-patching_DFind_on_Symantec_Corporate.htm
> > http://getdsplit.class101.org
> >
> > usual critics , flames, can be directly sent to the Recycle Bin :>
> >>>
> > _______________________________________________ Full-Disclosure -
> > We believe in it. Charter:
> > http://lists.grok.org.uk/full-disclosure-charter.html Hosted and
> > sponsored by Secunia - http://secunia.com/
> >>>
> >
> >> -- Best Regards, Aleksander Hristov < root at securitydot.net > <
> >> http://securitydot.net >
> >
> >
> >
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (MingW32)
>
> iQIVAwUBRAmFIK+LRXunxpxfAQIfpw/+IRX6K3to4PGa9VDuJOyVjeOTofqLVAAX
> OcS1q1ECyzgrHotFSb9VzLLZHOiiPxZeUEbOici+rjG3av5LyYYrrzFumcOzHzt0
> gzC9xZLyy6kIzBUjF5RExNNdurNPJOzEWLNCHbcLPT0yPh3IOtuSVfDJjZIV4ESq
> GRSeCtc0Hx6pGzamtnfUVzROma580CvV7SdpgWHpuopUdaIhzVjJOVtRwfXTaD2H
> DFI7tnBuKdsnG6XpsbQIuBEzlaT2y0iPX22qAukdgcsdJ5+1MK/LcICCKJbHmd1m
> uTCv/1arZEo+bc29lnMfqlyMSjNvlSe84/IA7trRZZZAnKpNULXtsrFKc8kMrGoG
> 59FBuUI7Mr+TEF5BB+gavxBSMZpe3hIMkggytXZTCt4jqfOCI/6OY9To5mPpkgac
> 2zoYVG7lDH90PTUgzoF0gcHPd4kbsxjiS2gSmRX050XnvT56i3IRZPE25cjA3iJx
> 9aLj41nmN3aHw2xAnIlbsXX9PkE5UZGL97ijifgfO7fW6Hf8TcdW3ZKIaFxM0+3h
> TBHXPpWLSXTretDER46S+e4w4nt6aaqDkna84Bcdo9UkCDIt1gfKMD2IKTTcUMWb
> rOBVh/YxBBrDayE7bkT/TEy697eTF3NZajCNDqyBqCKCQZOVCKICGPbYBUWI4kIH
> RDdNjcudUuw=
> =iAHW
> -----END PGP SIGNATURE-----
>
>
--
Best Regards,
Aleksander Hristov < root at securitydot.net > < http://securitydot.net >
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists