Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Sep 30th, 2008, 6:59pm
   Mischel Internet Security Forum
   TrojanHunter
   TrojanHunter Guard (Moderators: Helena, Gavin_Coe, Magnus)
   GhostRAdmin.100		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: GhostRAdmin.100  (Read 1161 times)
Zorathustrian
Newbie
*





   


Posts: 6
GhostRAdmin.100
« on: Jul 22nd, 2005, 5:10am »		 Quote Quote  Modify Modify
I've Recently installed TH v.4.2 *registered* but have run across a few issues
Frist off, TH guard is alerting me to the fact the i've installed a remote administration program, detecting is as "GhostRAdmin.100"
I've see one other topic on this form regarding the same issue but apperantly it's for an older version of TH,  the version i'm running does not have an "advanced mode" or any possible way for one to delete or add to the process rules list or ports list that i can see.    
-I've tried adding the files to the "ignore list" without success.  
-Download the lastest updates and restarted, still recieving popups.  
 
After i let TH clean the file in question, ofcourse it no longer worked, which is to be expected, but is there a way to view the history or a log file to see what has been detected and cleaned or when it runs scans or updates?
 
any help would be greatly appreciated
 
     
IP Logged
Magnus
Administrator
*****



Ad astra per aspera.

   
WWW  

Posts: 4105
Re: GhostRAdmin.100
« Reply #1 on: Jul 22nd, 2005, 5:14am »		 Quote Quote  Modify Modify
Hi,
 
Unfortnately there is currently no way to ignore a detection in TrojanHunter Guard. If you would like, I can email you a pre-release version of the next TrojanHunter Guard build that respects the TrojanHunter Scanner ignore list. This way you could add the file in question to the ignore list, and hte Guard would not detect it.
 
You can find the file that has been detected by searching for a file with a .tcf extension. Removing this extension will allow the program to function normally again.
IP Logged
Zorathustrian
Newbie
*





   


Posts: 6
Re: GhostRAdmin.100
« Reply #2 on: Jul 22nd, 2005, 5:23am »		 Quote Quote  Modify Modify
If you could email me that pre-release version, it would much appreciated.    
 
Thanks for your help
IP Logged
Randy_Bell
Global Moderator
*****




TrojanHunter is the Best!

40416585 40416585   randybell_98   atmrover
WWW   Email

Gender: male
 Posts: 2883
Re: GhostRAdmin.100
« Reply #3 on: Jul 22nd, 2005, 2:48pm »		 Quote Quote  Modify Modify
on Jul 22nd, 2005, 5:23am, Zorathustrian wrote:
If you could email me that pre-release version, it would much appreciated.   Thanks for your help

Since we don't advocate posting of private email addies here {it can be harvested by spammers}, I suggest you send Magnus a request {for the updated Guard} at support@misec.net so he will know what addy to reply to.  But don't post your addy here of course.  You might mention this thread with a link, in the body of your email, as a reminder .. thanks and good luck.  Wink
IP Logged
Zorathustrian
Newbie
*





   


Posts: 6
Re: GhostRAdmin.100
« Reply #4 on: Jul 27th, 2005, 2:26pm »		 Quote Quote  Modify Modify
I've emailed support@misec.net requesting the TH Guard next pre-release version to be sent but have not recieved any response yet.  could someone please email me this program to THGuard.5.knapp<.at.>spamgourmet<.dot.>com  
 
Thank You.  
 
I edited the email address to reduce the possible of spammers picking it up on their automatic scans of forums for such addresses.
 
siliconman01
 
« Last Edit: Jul 27th, 2005, 2:56pm by siliconman01 » IP Logged
Randy_Bell
Global Moderator
*****




TrojanHunter is the Best!

40416585 40416585   randybell_98   atmrover
WWW   Email

Gender: male
 Posts: 2883
Re: GhostRAdmin.100
« Reply #5 on: Jul 27th, 2005, 8:25pm »		 Quote Quote  Modify Modify
I will drop an email reminder also, your previous one could have gotten lost in the wash somewhere along the line.  Wink
IP Logged
Magnus
Administrator
*****



Ad astra per aspera.

   
WWW  

Posts: 4105
Re: GhostRAdmin.100
« Reply #6 on: Jul 28th, 2005, 10:11am »		 Quote Quote  Modify Modify
Hi,
 
I may not be able to get you the pre-release version until early next week because of an unexpected problem that popped up in testing. I hope this is not too big of a problem. If all else fails you could disable the Guard until you get the new version.
IP Logged
Zorathustrian
Newbie
*





   


Posts: 6
Re: GhostRAdmin.100
« Reply #7 on: Aug 26th, 2005, 2:33am »		 Quote Quote  Modify Modify
Any word yet on when i'll be able to download the new verion of the TH Gaurd?
 
Still having issues with my remote progie being detected as trojan.  TH Guard has been disabled for the time being but I will need it running at some point soon.
 
Any Info would be great.  
 
Thanks.  
 
IP Logged
Randy_Bell
Global Moderator
*****




TrojanHunter is the Best!

40416585 40416585   randybell_98   atmrover
WWW   Email

Gender: male
 Posts: 2883
Re: GhostRAdmin.100
« Reply #8 on: Aug 26th, 2005, 6:02am »		 Quote Quote  Modify Modify
I have dropped Magnus a reminder about this thread.  Thank you for your patience.  Wink
IP Logged
Zorathustrian
Newbie
*





   


Posts: 6
Re: GhostRAdmin.100
« Reply #9 on: Aug 31st, 2005, 5:38pm »		 Quote Quote  Modify Modify
ok, here is the deal.
I've recommended this software to a number of clients recenly, but since they all need remote access, this software is not able to run in the background due to the false detection of Radmin.  
I need some kind of resolution, a patch or an update or some manual configuration instructions to get this program working as it should.  
 
Please, any info here would be fantastic.  
IP Logged
Jamming
Stole All the Forum Stars
********




Remember when a Trojan was just for protection.

   


Gender: male
 Posts: 2039
Re: GhostRAdmin.100
« Reply #10 on: Sep 13th, 2005, 11:04pm »		 Quote Quote  Modify Modify
Send the file to the Support Email, list it as a false detection that should help them see what is causing the similar detection and allow editing of the detection signature to differentiate the two.  Now as a Temporary Fix you can remove the signature of the file that is falsely detecting, however that will temporarily open you and your clients to infection of that file.  
 
These suggestions are twofold, one provision of the false detection file will be helpful again.  Two that there is a short-term fix, but it will require removing that detection signature.  Each time you update the signatures for the newest list, you will have to update the removal of that signature.
 
Wish I could solve your problem for you, however you do have an indication that the signatures are working on your TH-guard.  
 
Another option that just came to me is to disable your guard and run user scans periodically during the day that require you to confirm actions taken. Additionally you could also disable the auto removal of Trojans on the Guard, requiring a confirmation.  Just some ideas for you to toss around while waiting on the official fix.
IP Logged
Team Z Member

Servare cives, major est virtus patriae patri.
- Lucius Annaeus Seneca
I was born an American; I live an American; I shall die an American!
- Daniel Webster
Zorathustrian
Newbie
*





   


Posts: 6
Re: GhostRAdmin.100
« Reply #11 on: Sep 14th, 2005, 1:13am »		 Quote Quote  Modify Modify
Downloaded the the new TH Guard about a week ago and it now respects the ignore list.    
 
 
   
 
 
IP Logged
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register