towelroot APK trips my ClamScan virus scanner

Search This thread
By:
Advanced…
S

sleeplessknight

New member
Jun 27, 2013
4
0
Boston, MA
www.soulphonicband.com
Hey all, just wanted to let the community know that the current 'tr.apk' download from Towelroot.com (filesize 103003 bytes, md5 of 59193b68a8a2a9a2e6fc898df81e491b) trips my ClamScan virus scanner. I got impatient trying to get it to download on my phone via Firefox, so I downloaded it via my desktop and emailed it to myself. I happen to run a virus scanner on all incoming mail, and it went crazy with this message:
A virus was found: Andr.Exploit.Ratc

Scanner detecting a virus: ClamAV-clamscan

Content type: Virus
Internal reference code for the message is 31908-19/qifk-moTWpxp

First upstream SMTP client IP address: [173.160.x.x]
173-160-x-x-Washington.hfc.comcastbusiness.net
According to a 'Received:' trace, the message apparently originated at:
[173.160.x.x], laws-mbp.mydomain.lan
173-160-x-x-Washington.hfc.comcastbusiness.net [173.160.x.x]

Return-Path: <law@mydomain.org>
From: Lee Whalen <law@mydomain.org>
Message-ID: <539DF04C.8000905@mydomain.org>
Subject: tr
The message has been quarantined as: q/virus-qifk-moTWpxp

The message WAS NOT relayed to:
<law@mydomain.org>:
250 2.7.0 Ok, discarded, id=31908-19 - INFECTED: Andr.Exploit.Ratc

Virus scanner output:
p008: OK
p009: OK
p006: OK
p012: Andr.Exploit.Ratc FOUND
p004: OK
p011: OK
p010: OK
p005: OK
p007: OK
p001: OK


Perhaps that's part of the exploit route, but I'm personally going to hold off on installing this APK until I learn more. If anyone could shed some light on this, that'd be super. I'm EXTREMELY eager to root my S5, and hope to get this straightened out soon!
 
M

moonrakerone

Senior Member
Mar 4, 2011
56
14
Of course it trips it, it's an exploit of a security vulnerability. A virus can be used for good in this case.

Sent from my SM-G900T using Tapatalk
 
  • Like
Reactions: tydiamond11
kgyirhj

kgyirhj

Senior Member
Jun 16, 2014
105
47
dynospectrum said:
False positive
Click to expand...
Click to collapse

It is NOT a false positive.

This is what the AV said it is: Andr.Exploit.Ratc
An Android Exploit.
AV alert on this is totally legit as this vulnerbility could be used by any malware to expolit your system.

Just ignore AV if you know what this code does or if you feel you want to blindly trust it to run on your system.
 
tydiamond11

tydiamond11

Senior Member
Feb 3, 2013
1,181
204
Texas
www.geotrekweb.com
kgyirhj said:
It is NOT a false positive.

This is what the AV said it is: Andr.Exploit.Ratc
An Android Exploit.
AV alert on this is totally legit as this vulnerbility could be used by any malware to expolit your system.

Just ignore AV if you know what this code does or if you feel you want to blindly trust it to run on your system.
Click to expand...
Click to collapse
ok so the main reason It trips the Antivirus stuff is because it is a one click root app lol it is the only way for lots of people I hope you understand. that it is not bad but using a exploit to get root like any other root software.

Sent from my SM-G900V using Tapatalk
 
You must log in or register to reply here.

Similar threads

P
[Q] TowelRoot Problem on Samsung s5
Replies
41
Views
78K
*Detection*
*Detection*
D
[Q][Apk][Air message]
Replies
169
Views
50K
D
Djimmy
I
DIY: Replaced my shattered camera lens
Replies
11
Views
75K
L
liobeir
M
[Q] Unroot after rooted with Towelroot on SM-G900F?
Replies
33
Views
39K
DAvinash97
DAvinash97
A
[Q] How to enable Fingerprint Scanner with full device encryption??
Replies
36
Views
35K
P
PinkPower

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 1
    M
    moonrakerone
    Of course it trips it, it's an exploit of a security vulnerability. A virus can be used for good in this case.

    Sent from my SM-G900T using Tapatalk
    View

New posts