General [M]ayhem

Go Back   General [M]ayhem > Real Time Sub-Forums > CompuGlobalHyperMegaNet
Register Members List Mark Forums Read [M]erchandise Calendar

Reply
 
Thread Tools
DepecheMode
 
Snadboy's Revelation...

Greetings,

After researching and acquiring this handy Wi-Fi packet sniffer/Analyzer, I went to install it and AVAST promptly picked up Malware.

The message read: "Win32:Snadboy [Tool] has been found in...."

My question is as follows: Should this be considered an attack on my laptop and the program be discarded?

TIA.

Dm
__________________
"Why should I want to make anything up? Life's bad enough as it is without trying to invent any more of it."

c636f0d2d45c7827681c3ed40e049f60
Old 08-22-2006, 12:48 PM DepecheMode is offline  
Reply With Quote
#1  

Advertisement [Remove Advertisement]

Assyrian
 
Assyrian's Avatar
 
You tried installing it. Unless you don't think friendly fire is an attack, then don't consider it an attack.
__________________
wat

twitter.com/thespazz
Old 08-22-2006, 12:51 PM Assyrian is offline  
Reply With Quote
#2  

SnarkFish
This post probably contains a URL
 
SnarkFish's Avatar
 
snadboy's revelation is a tool to view the passwords hidden behind the *********
if you consider that malware and you did not put it on there, then treat it as such
__________________
"That fucker always wins the URL competitions. I think he sold his soul to Google." -fly
the MD5 incident - www.genmay.net/showthread.php?p=1325652#post1325652
Old 08-22-2006, 12:54 PM SnarkFish is offline  
Reply With Quote
#3  

DepecheMode
 
Quote:
Originally Posted by Assyrian
You tried installing it. Unless you don't think friendly fire is an attack, then don't consider it an attack.

My apologies sir, I consider "Hidden Gems" such as Malware...an attack.
My initial goal for this thread was to asses whether AVAST incorrectly judged the executable file for the program as Malware.
I hoped that past experiences from the sage advisors on this board could direct me in the correct action to take.

Thank you,
Dm
__________________
"Why should I want to make anything up? Life's bad enough as it is without trying to invent any more of it."

c636f0d2d45c7827681c3ed40e049f60
Old 08-22-2006, 12:59 PM DepecheMode is offline  
Reply With Quote
#4  

Zypher
 
most virus scanners will pick up stuff like port scanners and remote administration tools and treat them as viruses. you can usually turn off this 'feature' somewhere in the virus scanner preferences
Old 08-22-2006, 12:59 PM Zypher is offline  
Reply With Quote
#5  

DepecheMode
 
Quote:
Originally Posted by SnarkFish
snadboy's revelation is a tool to view the passwords hidden behind the *********
if you consider that malware and you did not put it on there, then treat it as such

Thank you for the correction, I incorrectly described the program, confusing it with my recent acquisition of EtherPeek.
__________________
"Why should I want to make anything up? Life's bad enough as it is without trying to invent any more of it."

c636f0d2d45c7827681c3ed40e049f60
Old 08-22-2006, 01:00 PM DepecheMode is offline  
Reply With Quote
#6  

SnarkFish
This post probably contains a URL
 
SnarkFish's Avatar
 
Quote:
Originally Posted by DepecheMode
Thank you for the correction, I incorrectly described the program, confusing it with my recent acquisition of EtherPeek.
really the only way i can see snadboy's revelation as malware was if there was also a remote control or VNC client installed. otherwise it serves no purpose to a remote attacker (unless there's some backdoor in it, but i don't think it even tries to go online, or has an online component at all)

edit: well, if your physical security was compromised, it could also be considered malware
__________________
"That fucker always wins the URL competitions. I think he sold his soul to Google." -fly
the MD5 incident - www.genmay.net/showthread.php?p=1325652#post1325652
Old 08-22-2006, 01:15 PM SnarkFish is offline  
Reply With Quote
#7  

DepecheMode
 
Quote:
Originally Posted by SnarkFish
really the only way i can see snadboy's revelation as malware was if there was also a remote control or VNC client installed. otherwise it serves no purpose to a remote attacker (unless there's some backdoor in it, but i don't think it even tries to go online, or has an online component at all)

edit: well, if your physical security was compromised, it could also be considered malware

I will keep that in consideration.
Thank you.

Dm
__________________
"Why should I want to make anything up? Life's bad enough as it is without trying to invent any more of it."

c636f0d2d45c7827681c3ed40e049f60
Old 08-22-2006, 01:42 PM DepecheMode is offline  
Reply With Quote
#8  

Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -7. The time now is 08:10 AM.



Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.