TDSS Killer came up with something -- FP?

Discussion in 'other security issues & news' started by Hungry Man, Jul 5, 2011.

Thread Status:
Not open for further replies.
  1. Hungry Man
    Offline

    Hungry Man Registered Member

    I just assume it's a false positive. I've recently reformatted and the first thing I did was secure my computer.

    Still, best to be sure.

    edit: Is it possibly from Sandboxie? I tried out the 64bit experimental protection.

    Attached Files:

  2. m00nbl00d
    Offline

    m00nbl00d Registered Member

    Did you send it to VirusTotal to get a better idea?

    I submitted the md5 to VirusTotal and it was flagged, by one. I don't recall if I can mention names, so I won't. :D It's a generic detection that was first submitted in January... so...
    Last edited: Jul 5, 2011
  3. Phant0m
    Offline

    Phant0m Registered Member

    Isn't it normal for TDSS Killer to show non-infected 'Locked' entries also?
  4. Hungry Man
    Offline

    Hungry Man Registered Member

    I have no experience with this tool so I really wouldn't know.
  5. m00nbl00d
    Offline

    m00nbl00d Registered Member

    From time to time, I run it in relative's systems and it never flagged such.

    Something introduced in the new version, perhaps?
  6. Phant0m
    Offline

    Phant0m Registered Member

    See the default option ‘Skip’ on that capture you had giving? It is a commonly flagged 'suspicious' file, for it to be fp, it'd have to say it was a threat detected.
  7. Phant0m
    Offline

    Phant0m Registered Member

  8. Phant0m
    Offline

    Phant0m Registered Member

    Uninstall 'Daemon Tools' and do a re-scan, delete the file if it continues to show, then re-install Daemon Tools product from the official website.

    Edit: Legit software installs this file also, so you may not have an uninstall option for 'Daemon Tools'
    Last edited: Jul 5, 2011
  9. Hungry Man
    Offline

    Hungry Man Registered Member

    Ah, must have been Daemon Tools. I had the advanced emulation enabled. Thanks.
Thread Status:
Not open for further replies.