Backdoor found on g6ftpadmin.exe with fprot after updating (maximus)

Discussion in 'other anti-virus software' started by AndyDev, Jul 8, 2006.

Thread Status:
Not open for further replies.
  1. AndyDev

    AndyDev Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    6
    Searching google I got here ;)
    https://www.wilderssecurity.com/showthread.php?t=136830

    So I will try my question here.

    After updating f-prot signatures, I got the attached image.

    I tried installing again g6ftpserver, and I got the same message.

    Then I tried on another pc, and I got the same.

    Is this a false alarm, or is it something I need to worry about it.

    You can get the installation of g6ftpserver here (evaluation):

    http://www.g6ftpserver.com/en/download

    Removed direct download links - url of programs download page will suffice--Bubba
     
    Last edited by a moderator: Jul 8, 2006
  2. AndyDev

    AndyDev Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    6
    Sorry, forgot image.
     

    Attached Files:

    • G6.JPG
      G6.JPG
      File size:
      53 KB
      Views:
      428
  3. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    well, that software allow you to remotely control a pc

    I believe this is why F-Prot detected it. It isn't "really" a FP
     
  4. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    Hi. I'm right now on the apple laptop but i will take a look at it during today. But most likely this would be then at least a "questionable" Application. Since it tries also to mess around with hidden services. And has "Backdoor" abilities.

    As i said i check this out later today and reply here.
     
  5. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    I couldn't resist and looked right now :D Well as you might known those !Maximus at the end are NOT signature detections, they trigger upon special behavior or partly known malicious code. (Heuristic) So it doesn't really suprise me that it triggers on this particular file. However, i will force an update over the weekend to exclude this detection and you should be fine :D
     
  6. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    yep, I believe it detected the remote control component at least
     
  7. AndyDev

    AndyDev Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    6
    Wow, I was not expecting such quick replies.

    Many thanks Inspector Clouseau :D

    For a second I though it was really something that got into two of my systems ;)
     
  8. ASpace

    ASpace Guest


    You may wish to try the new version of F-prot AV on some computer
    It is F-prot 6 . It is still unfinished , I mean beta state, but it is stable software

    http://www.f-prot.com/download/beta-test/
     
  9. AndyDev

    AndyDev Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    6
    Just got the update, thanks for it! works perfectly.
     
  10. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
Loading...
Thread Status:
Not open for further replies.