TDS3 and RAMpage

Discussion in 'Trojan Defence Suite' started by Mike 714x, Jan 13, 2004.

Thread Status:
Not open for further replies.
  1. Mike 714x

    Mike 714x Registered Member

    Joined:
    Jan 15, 2003
    Posts:
    2
    Sorry if this is a repeat or if I missed the topic before-- TDS3 suddenly started detecting some activity in my rampage.exe file:

    Scan Control Dumped @ 07:13:29 13-01-04
    Positive identification: TrojanDropper.Win32.Small.o
    File: c:\program files\rampage\rampage.exe

    Scanning the entire rampage folder, all the files in the folder came up positive. I then downloaded the lastest TDS3 database ( I do that every couple of days) and the files no longer come up positive.

    Was there a problem with the prior database that was causing the false positive, since the latest database does not detect the problem, or should I be looking deeper into my system for some other problem. Thanks.
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi Mike and welcome.
    The database has been refined to avoid legal programs to be detected for the same code parts used in a specific nasty. If it would now still alarm on your files, there would be all reasons to look deeper into the alarms!
     
  3. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Yes this is corrected on the newest database (with 31151 references)

    If you still have the alarm then send the file to us please, submit@diamondcs.com.au
     
  4. Mike 714x

    Mike 714x Registered Member

    Joined:
    Jan 15, 2003
    Posts:
    2
    Yes Gavin- it seems to have been corrected in the latest database, as you pointed out. Thanks for the quick response.
     
Thread Status:
Not open for further replies.