Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Norton AntiVirus 2005 treats Radmin as a Virus ??!
From: Ill will <xillwillx () gmail com>
Date: Thu, 14 Oct 2004 10:03:19 -0400

technically no it shouldnt treat r_server.exe or admin.dll as virii ..
first off i modified r_server by changing its icon to a blank icon and
compressed it with upx , so no antivirus so pick up the exe , the dll
i could see as being detected because i didnt modify anything. the
package in total should be detected because the files are only held in
a resource file. so its not hard to determine the dropper portion of
it


On Wed, 13 Oct 2004 18:08:26 +0200, Noam Rathaus
<noamr () beyondsecurity com> wrote:
On Wed October 13 2004 11:38, Feher Tamas wrote:
Ill Will wrote:
oops...

http://www.illmob.org/0day/ghostradmin.zip

Trojandropper.Win32.RDM.a

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
$ clamscan --version
clamscan / ClamAV version 0.75-1

$ clamscan ghostradmin.zip
ghostradmin.zip: OK

----------- SCAN SUMMARY -----------
Known viruses: 24325
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.42 MB
I/O buffer size: 131072 bytes
Time: 0.604 sec (0 m 0 s)

Clam doesn't think its a virus/Trojan/whatever

--

Noam Rathaus
CTO
Beyond Security Ltd.

http://www.beyondsecurity.com
http://www.securiteam.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



-- 
- illwill
http://illmob.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]