Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!
From: Ill will (xillwillxgmail.com)
Date: Thu Oct 14 2004 - 09:03:19 CDT
technically no it shouldnt treat r_server.exe or admin.dll as virii ..
first off i modified r_server by changing its icon to a blank icon and
compressed it with upx , so no antivirus so pick up the exe , the dll
i could see as being detected because i didnt modify anything. the
package in total should be detected because the files are only held in
a resource file. so its not hard to determine the dropper portion of
On Wed, 13 Oct 2004 18:08:26 +0200, Noam Rathaus
> On Wed October 13 2004 11:38, Feher Tamas wrote:
> > Ill Will wrote:
> > >oops...
> > >
> > >http://www.illmob.org/0day/ghostradmin.zip
> > Trojandropper.Win32.RDM.a
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> $ clamscan --version
> clamscan / ClamAV version 0.75-1
> $ clamscan ghostradmin.zip
> ghostradmin.zip: OK
> ----------- SCAN SUMMARY -----------
> Known viruses: 24325
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 0.42 MB
> I/O buffer size: 131072 bytes
> Time: 0.604 sec (0 m 0 s)
> Clam doesn't think its a virus/Trojan/whatever
> Noam Rathaus
> Beyond Security Ltd.
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure - We believe in it.