Full Version: Make Undtectable For F-secure Antivirus?
When i upload now my serv-u is seen as a backdoor by f-secure antivirus, what must i change in the so he don't find it?
i had te same problem
i downloaded the latest verion. patched it with a patcher (i tougth it was from orion)
then i hexed it. I replaced all servu strings with my own one krni386 etc ...
example you change everything into windodaemon (lol) then u got to rename the servudaemon.ini in windodaemon.ini yust dont forget tho add the dll's in your rootkit pakkage. To get rid of the uglu green U icon i used an iconchanger named resourcehacker.
i ran it to different online scanners and my norton coorperate. all clean. i never have seen my servu got deleted on an stro. never. period.
tip: dont change the icon into an skull or something lame. take an windows systemfile icon
I hope i helped u out. There is a lot of info on the forum here regarding hexing etc..
respect
i downloaded the latest verion. patched it with a patcher (i tougth it was from orion)
then i hexed it. I replaced all servu strings with my own one krni386 etc ...
example you change everything into windodaemon (lol) then u got to rename the servudaemon.ini in windodaemon.ini yust dont forget tho add the dll's in your rootkit pakkage. To get rid of the uglu green U icon i used an iconchanger named resourcehacker.
i ran it to different online scanners and my norton coorperate. all clean. i never have seen my servu got deleted on an stro. never. period.
tip: dont change the icon into an skull or something lame. take an windows systemfile icon
I hope i helped u out. There is a lot of info on the forum here regarding hexing etc..
respect
| QUOTE |
| i ran it to different online scanners and my norton coorperate. all clean. |
Never do that !!
Depends a bit on what gets detected as an virii, if it is the .ini then u need a new serial (ur easing a stolen one then). If it is the .exe then u could mod it like partizaan says and / or try packing it with a packer (UPX is commonly used).
yes after ya did the hexedit do a executable (EXE/DLL/etc...) compressor
on it and the file is more secure
and smaller
on it and the file is more secure
and smaller
just hexedit it, pack with upx
done that with mine, no AV detects it
done that with mine, no AV detects it
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
