Detected: Trojan:Win32/Caynamer.A!ml inside of https://dragokas.com/tools/HiJackThis.zip #212
Comments
sync0x, about your political attacks - you messed something up: please kindly read again the manifest in the description of the project (4th sentence to be exact), which has been there for over 8 years in more or less the same form. I don't support British, Americans, weapons, attacks on Crimea, or attacks on Ukraine from anywhere. Where by Ukraine I mean adequate Ukrainian people, not a government or territory.

As for the second part: if you're speaking badly about Americans, why do you use their protection? Use normal antiviruses which don't say bad things about my tool (current version 3.0.0.4): https://www.virustotal.com/gui/file/27e90d829e382c8276b0678aaff3efaa40715bc10048619a88db4505dcf12a92

Even more, because of f*king EU certificate authorities who don't want to clean up personal data from the certificate, violating EU GDPR and our local laws, I refused to sign software with a legal certificate. This strengthens the suspicion of antiviruses even more.

I can do one of two things: stop development and waste my time dealing with emails to AV vendors, wait 1 month or more, then update the software and again waste time on AV, or I can just focus on development. Well, there is another option: not doing anything at all.

And third, it is open source (unlike most AV utilities); anybody can compile it himself (the instructions are clear) and ensure that the antivirus detection will be the same. Anybody can press the "Commits" button => "Compare commit details" => and verify which changes were made.

And the last: for understanding the quality of nowadays antiviruses - here is a file I compiled with zero lines of code which does nothing; the only thing is that a Microsoft-signed file is included in resources:

And of course a duplicate of existing issue: #22 |
Wasted the whole day figuring out which part of the code antiviruses don't like this time, and sending false reports to AV labs.
Please report whether everything is OK right now.
|
@sync0x Microsoft removed detection from HJT+ v.3.0.0.4 as referred to in your post: As for the quality of antiviruses: There were only 3 detections at the time of your post. |
You are not the only technology professionals in the world who have to
settle for less than what they assert for. It should be pretty obvious with
the general public feigning ignorance of how early networks worked up until
they discovered they could proliferate a US defense department IP
experiment free of charge, with no care whatsoever to the lack of
encryption, or the anonymous free-for-all that stateless packet switching
has brought us; a topology which modern routers with ample quantities of
RAM have no excuse to perpetuate. I don't expect you to approve of my own
country's alliances and activities any more than we would of America's quest
for an economy that is as close to pure capitalism as it gets.
Thank you for the information supplied.
…On Wed, 7 Jun 2023 at 02:56, Alex Dragokas ***@***.***> wrote:
@sync0x <https://github.com/sync0x> Microsoft removed detection from HJT+
v.3.0.0.4 as referred to in your post:
https://www.virustotal.com/gui/file/27e90d829e382c8276b0678aaff3efaa40715bc10048619a88db4505dcf12a92/detection
Waiting for your apology.
As for the quality of antiviruses:
[image: image]
<https://user-images.githubusercontent.com/19956568/243767404-b7276b19-38f2-43d8-8873-0eb936386fa7.png>
There were only 3 detections at the time of your post.
You may compare detection names and clearly see which AVs steal detections
(or use someone else's engine).
E.g. Caynamer - it was a name given by Microsoft which is now not in the list.
So, you must understand how hard it is to remove false positives. It's only a
single version. If I recompile the application again, most of those detections
will re-appear regardless of whether the file was previously reported. And that's
the issue any single developer faces when the codebase is actively
updated, especially for such a "suspicious" type of software as a malware
scanner.
|
Topic is closed. |
Describe the bug
Windows Defender reports the latest binary distribution of this utility to contain "Caynamer.A!ml" which I do not consent to receive.
To Reproduce
Link on the root page of this GitHub project:
Pre-built binary (release version) for Windows
$ sha256sum HiJackThis.zip
7356f5f3b73a7d81ee8a6d3597fc362f0241cf5665cdb4360e79a980bc540060 *HiJackThis.zip
Expected behavior
Neither Windows Defender nor my choice of commercial antivirus scanner should detect remote access utilities. This defeats the purpose for which I have downloaded this utility product in the first place.
Screenshots
Detected: Trojan:Win32/Caynamer.A!ml
Date: 4/06/2023 3:43 PM
Affected Items:
file: C:\Users________\Downloads\HiJackThis\HiJackThis.exe
Desktop (please complete the following information):
Additional context
It is one thing for you to give us the middle finger for the bombs flying around in your country. If you feel the need to stab us in the back while seeking legitimate solutions to our own security predicaments, to you I say thanks for validating some of the words that are coming out of Dr Evil's mouth. I would have hoped that pure thug had some intolerable provocation behind the dumbest decision of his life, to green light the willful aggression of his Organic Minions of SkyNet.
Thank you for being so willing to not only receive these munitions of which you refer to but to also go on the equivalent of a fundraising drive for them like your lives literally depended on them.
You do not get to allow systemic racism and the organized crime that perpetuates it to fester in your country without consequence. Not even the British nor the Americans can indulge in mob like activities without consequence, as they have learned from me recently.
If you want to look down upon us for our technological predicaments, unaware of the rationale for having our systems designed this way, maybe we ought to concede to the annexation demands levied against you on the basis of corruption which is becoming increasingly evident, and we shall see how you like being betrayed for standing up for yourselves.
I am reporting this exploit as an act of intentional abuse from this project.