Re: [Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!

From: Noam Rathaus (noamr_at_beyondsecurity.com)
Date: 10/13/04

Next message: Noam Rathaus: "Re: [Full-Disclosure] RE: ASP.NET cannonicalization issue"

Previous message: S G Masood: "Re: [Full-Disclosure] my first orgasem"
In reply to: Feher Tamas: "[Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!"
Next in thread: Ill will: "Re: [Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!"
Reply: Ill will: "Re: [Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!"
Reply: Nick FitzGerald: "Re: [Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.netsys.com
Date: Wed, 13 Oct 2004 18:08:26 +0200

On Wed October 13 2004 11:38, Feher Tamas wrote:
> Ill Will wrote:
> >oops...
> >
> >http://www.illmob.org/0day/ghostradmin.zip
>
> Trojandropper.Win32.RDM.a
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
$ clamscan --version
clamscan / ClamAV version 0.75-1

$ clamscan ghostradmin.zip
ghostradmin.zip: OK

----------- SCAN SUMMARY -----------
Known viruses: 24325
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.42 MB
I/O buffer size: 131072 bytes
Time: 0.604 sec (0 m 0 s)

Clam doesn't think its a virus/Trojan/whatever

-- 
Noam Rathaus
CTO
Beyond Security Ltd.
http://www.beyondsecurity.com
http://www.securiteam.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Noam Rathaus: "Re: [Full-Disclosure] RE: ASP.NET cannonicalization issue"

Previous message: S G Masood: "Re: [Full-Disclosure] my first orgasem"
In reply to: Feher Tamas: "[Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!"
Next in thread: Ill will: "Re: [Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!"
Reply: Ill will: "Re: [Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!"
Reply: Nick FitzGerald: "Re: [Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: [Full-Disclosure] Antivirus/Trojan/Spyware scanners DoS!
... clamscan / ClamAV version 0.71 ... Scanned files: 1 ... Infected files: 1 ... Founder of Mantis Security Networks ...
(Full-Disclosure)
Re: rc.local question/problem (partly solved w/ setenforce=0)
... |> be causing clamscan to be more active. ... | If I am running prelink, ... |> | The second question is why wouldn't selinux be defaulted to allow clamav ... Regarding chkconfig, it's a tool to control which start/stop scripts get ...
(Fedora)
Re: freshclam & clamav questions
... running clamav is pretty worthless. ... just do periodic scans with clamscan. ... that command gives you the actual permissions of that dir, ... Tells me I believe that only root has write permission. ...
(comp.os.linux.security)
[opensuse] Who said Linux doesnot get Virus infections
... As you know clamAV provides NO realtime virus detection ... and from time to time we all need to execute a clamscan ... an infected file or execute an infected .bin file ...
(SuSE)
Re: Netsky Problem on FreeBSD [really]
... >> We have some Samba shares on a FreeBSD server, ... The windows machines have ... > Install clamav or clamav-devel and then use clamscan to scan all of the ... Does Clamav or Clamav-devel work on base64 files ?. ...
(comp.unix.bsd.freebsd.misc)