PestPatrol false positive on Bazooka

Discussion in 'other anti-malware software' started by FanJ, Feb 27, 2005.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Guest

    This is a follow-up of a thread in Update Alerts:
    https://www.wilderssecurity.com/showthread.php?t=68348

    In reply # 2 Beefcarver wrote:
    === quote ===
    Donot Download this program from Securitywonks.net Pest Patrol found a
    Trojan in the install of Bazooka at this site.

    Trojanspy.win32.GhostKeylogger it is listed as a Mirror Download site......
    === end quote ===

    This a false positive from PestPatrol !

    Yes indeed, PestPatrol gave an alarm on this install-file for Bazooka, and on the one for a previous version:

    ===
    Pest: TrojanSpy.Win32.GhostKeyLogger.c
    Pest Info: Category: Key Logger
    Release Date: 5/25/2004 0:00:00
    Background Info: Click here
    File Info: In File: D:\Bazooka\Version 1_13_01\bazookasetup.exe
    PVT: 1780703887
    MD5: 174e6859d8ea9c33cf0ad0254e2527cb
    Date: 06-28-2004 16:20:16
    File Analysis: Look up with MD5 (recommended) or PVT.
    Certainty: Suspected Threatens: Confidentiality, Integrity, Availability, Liability Risk: Moderate - this file can be executed! Advice: Delete
    Action: Ignored
    ~~~
    Pest: TrojanSpy.Win32.GhostKeyLogger.c
    Pest Info: Category: Key Logger
    Release Date: 5/25/2004 0:00:00
    Background Info: Click here
    File Info: In File: D:\Bazooka\Version 1_13_02\bazookasetup.exe
    PVT: 1780703887
    MD5: a0c9aeeed9558dd68781b7fadd2e8343
    Date: 02-27-2005 13:54:04
    File Analysis: Look up with MD5 (recommended) or PVT.
    Certainty: Suspected Threatens: Confidentiality, Integrity, Availability, Liability Risk: Moderate - this file can be executed! Advice: Delete
    Action: Ignored

    ===

    Well, I checked with NOD32, KAV, TDS-3, TrojanHunter : no alarm.

    So : another false positive from PestPatrol !
     
  2. FanJ

    FanJ Guest

    Fixed with the PP update of 3-March-2005
     
Loading...
Thread Status:
Not open for further replies.