Radmin, a virus on my computer but not on my mom's

Discussion in 'NOD32 version 2 Forum' started by arghwashier, Jan 8, 2006.

Thread Status:
Not open for further replies.
  1. arghwashier

    arghwashier Registered Member

    Joined:
    May 14, 2005
    Posts:
    16
    Hi,

    I just installed radmin, a remote administration tool. When installing on my computer with defs 1.356 nod stepped in and flagged it as a dangerous application but not on my mothers computer with the same definitions. Why not? Settings for amon are the same too, all options checked.

    Another question, how can I exclude the file in the on-demand scanner? Because I don't want my mom thinking it's a virus and deleting it...
     
  2. alglove

    alglove Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    904
    Location:
    Houston, Texas, USA
    I am not sure why it would be flagged as a dangerous application when you have the same definitions and same AMON settings. So you are saying that AMON --> Setup --> Options --> "Potentially dangerous applications" is checked on both computers?

    By the way, did you install the program the same way on both computers? For example, did you download it from the internet, install it from a CD, etc.?

    Unfortunately, there is no good way to exclude a file from the on-demand scanner, at least not with the current software. A bunch of people have asked for this to be included in version 3.0, but we can only hope. In the meantime, I guess you could turn off "potentially dangerous applications" in the on-demand settings.
     
  3. arghwashier

    arghwashier Registered Member

    Joined:
    May 14, 2005
    Posts:
    16
    Someone PM'ed me saying version 2.2 shouldn't be recognised but here's the log:


     
    Last edited by a moderator: Jan 12, 2006
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Disabling PDA (potentially dangerous applications) should do the trick.
     
  5. arghwashier

    arghwashier Registered Member

    Joined:
    May 14, 2005
    Posts:
    16
    PDA was enabled on both our computers in AMON, I really would like to know why it was picked up on one computer but not the other....
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Wasn't it detected generically as a variant of RA application?
     
  7. arghwashier

    arghwashier Registered Member

    Joined:
    May 14, 2005
    Posts:
    16
    No but as Win32/RAdmin.22 application
     
  8. arghwashier

    arghwashier Registered Member

    Joined:
    May 14, 2005
    Posts:
    16
    Any ideas?
     
  9. alglove

    alglove Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    904
    Location:
    Houston, Texas, USA
    Not really, unfortunately. Have you tried scanning again? Maybe the problem will have gone away on its own?
     
  10. gerrya

    gerrya Registered Member

    Joined:
    Oct 21, 2005
    Posts:
    18
    Location:
    Illinois, USA
    I had the same problem of Radmin being detected. Since Files/folders cannot be excluded on scans, my fix was to replace Radmin with UltraVNC. Works just as well for remote control, not so good for file transfer. But at least NOD doesn't complain.
     
  11. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    There was no need to replace it, as stated above leaving potentially applications disabled (default) would leave it undetected.
     
  12. Patrician

    Patrician Registered Member

    Joined:
    Jun 3, 2005
    Posts:
    132
    Doesn't that leave your PC open to potentially applications.

    Trev
     
  13. gerrya

    gerrya Registered Member

    Joined:
    Oct 21, 2005
    Posts:
    18
    Location:
    Illinois, USA
    Well, I installed Radmin so I knew about it. I would like to know if other potentially dangerous applications get installed somehow, so I want to leave that option enabled. That's why I switched to UltraVNC.

    Gerry
     
Thread Status:
Not open for further replies.