lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <47fe506041014070361d7e56b@mail.gmail.com>
From: xillwillx at gmail.com (Ill will)
Subject: Norton AntiVirus 2005 treats Radmin as a Virus ??!

technically no it shouldnt treat r_server.exe or admin.dll as virii ..
first off i modified r_server by changing its icon to a blank icon and
compressed it with upx , so no antivirus so pick up the exe , the dll
i could see as being detected because i didnt modify anything. the
package in total should be detected because the files are only held in
a resource file. so its not hard to determine the dropper portion of
it


On Wed, 13 Oct 2004 18:08:26 +0200, Noam Rathaus
<noamr@...ondsecurity.com> wrote:
> On Wed October 13 2004 11:38, Feher Tamas wrote:
> > Ill Will wrote:
> > >oops...
> > >
> > >http://www.illmob.org/0day/ghostradmin.zip
> >
> > Trojandropper.Win32.RDM.a
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> $ clamscan --version
> clamscan / ClamAV version 0.75-1
> 
> $ clamscan ghostradmin.zip
> ghostradmin.zip: OK
> 
> ----------- SCAN SUMMARY -----------
> Known viruses: 24325
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 0.42 MB
> I/O buffer size: 131072 bytes
> Time: 0.604 sec (0 m 0 s)
> 
> Clam doesn't think its a virus/Trojan/whatever
> 
> --
> 
> Noam Rathaus
> CTO
> Beyond Security Ltd.
> 
> http://www.beyondsecurity.com
> http://www.securiteam.com
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 


-- 
- illwill
http://illmob.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ