TDS Componant Flagged By A.V.

Hello,

I downloaded and installed TDS 3 earlier today.Thought it a very smart collection of nick-knacks.

To be brief,I just ran a virus scan and the following TDS componant was flagged as W32 Malware by Norman Virus control.W32 malware is a term employed for un-identified viruses and trojans detected via Norman's revolutionary Sandbox Technology.

Here's the log:

Virus W32/Malware
Scan engine: 5.70.14, Nvcbin.def 5.70 (2004/08/17), Nvcmacro.def 5.70 (2004/08/17).
Login info: user xxxxx, host '$$$$$$$' .
Infected file C:\Program Files\TDS3\Ext.Plug\troports.exe
Quarantined file C:\Program Files\TDS3\Ext.Plug\troports.exe
Deleted file C:\Program Files\TDS3\Ext.Plug\troports.exe

Now,what I think has probably happened here is that perhaps certain parts of TDS resemble hacktools to an extent (triggering an fp).Or...horror of horrors,a virus has been co-incidentally dropped in the TDS directory.

So,I suppose I'm asking first and foremost for confirmation that this is indeed a legitimate componant of TDS?
I will of course be discussing this with Norman,because false positives make everyone look slack,don't they?

Many thanks for any insights.

 

Hi Befuddled & welcome,
Looks like an FP but to be sure here are the properties for Troports.
Created 1st March 1999
Size: 28,700 bytes
size on disk: 32,768 bytes
Version 1.0.0.0 - Company: Diamond Computer Systems Pty. Ltd.

HTH Pilli

 

Thank you,I'll take a look in quarantine.

I guess I've knackered the progrmme now,haven't I?DOH!

 

All alright.Identical to the properties specified.I safely restored it.I'll just check that TDS isn't damaged as a result.

Thanks for your help,Pilli!

BTW it's 4.36 am in the U.K. As TDS says "Don't stay up all night."

 

Glad about that

I was awoken by tinnitus, shall try to get more sleep when it calms down a bit.

Cheers. Pilli

 

Definitely not a trojan, but I would expect the sandbox says that file is malware mostly because it has the word trojan through it and connects to trojan ports.

Anyway, can you exclude it ?

 

Hello,Gavin,

Spoke to Norman HQ.Forwarded the file + relayed what both Pilli and yourself told me.
Norman says he'll sort it out,no problem.

 

To conclude-Norman released an update yesterday and troports.exe is no longer being flagged.

 

Thanks for the update!
Enjoy all your security software now even more

 

Hi Pilli, just curious, my copy of the file has different values, as
28.5 KB (29,184 bytes) i.e. it's smaller, and
created Sunday, February 28, 1999, 23:51:19 PM

Now I downloaded the latest version, 3.2.2 final before V4

on 2003-07-12 Sat

Why do I have something different?

Jim

 

Time zones?
Maybe re-compiled for the current TDS version? Will be the same in functionallity.
And it might make a diffenrence in size displayed for the real file size and size on disk i've noticed various times. (XP, ME)

 

Jooske, I'm running W2K with NTFS so that may be the answer.
thanks as always, Jim