TDSS Killer came up with something -- FP?

Discussion in 'other security issues & news' started by Hungry Man, Jul 5, 2011.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,133
    I just assume it's a false positive. I've recently reformatted and the first thing I did was secure my computer.

    Still, best to be sure.

    Edit: Is it possibly from Sandboxie? I tried out the 64-bit experimental protection.
     


  2. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Did you send it to VirusTotal to get a better idea?

    I submitted the MD5 to VirusTotal and it was flagged by one. I don't recall if I can mention names, so I won't. :D It's a generic detection that was first submitted in January... so...
     
    Last edited: Jul 5, 2011
  3. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,493
    Location:
    Canada
    Isn't it normal for TDSS Killer to show non-infected 'Locked' entries also?
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,133
    I have no experience with this tool so I really wouldn't know.
     
  5. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    From time to time, I run it in relative's systems and it never flagged such.

    Something introduced in the new version, perhaps?
     
  6. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,493
    Location:
    Canada
    See the default option 'Skip' on that capture you had given? It is a commonly flagged 'suspicious' file; for it to be an FP, it'd have to say it was a threat detected.
     
  7. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,493
    Location:
    Canada
  8. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,493
    Location:
    Canada
    Uninstall 'Daemon Tools' and do a re-scan, delete the file if it continues to show, then re-install the Daemon Tools product from the official website.

    Edit: Legit software installs this file also, so you may not have an uninstall option for 'Daemon Tools'.
     
    Last edited: Jul 5, 2011
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,133
    Ah, must have been Daemon Tools. I had the advanced emulation enabled. Thanks.
     