Trojan Mutex(es) Found

Discussion in 'Trojan Defence Suite' started by chasman, Oct 13, 2003.

Thread Status:
Not open for further replies.
  1. chasman

    chasman Guest

    I am having a problem with a box that is showing the following message during a Mutex Memory Scan - Trojan Mutex(es) Found ... No other details are given and it doesn't look as though anything odd is running in the process list.
    Additionally, a full system scan reveals nothing about any possible trojan.

    Is this a false-positive or is it something that I should be concerned about and if it is something to be concerned about how can I discover the infected file.

    The TDS version in use is 3.2.1

    Regards,
    Charles
    buynsellit.com
     
  2. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    False (non) alarm :) This does happen sometimes..

    Do you use Tiny Trojan Trap ? :D

    There was an issue where it was stopping the proper running of the mutex checking module. TDS does at this time try to create mutexes, if they already exist then there is danger. However if something stops the creation, TDS will fall over and give this strange looking alarm you are seeing.

    TDS-4 wont take this approach anyway, and wont give any false warnings like that :)
     
  3. chasman

    chasman Guest

    Gavin,

    Thanks for the quick reply !!!

    We are not using the Tiny Trojan Trap, but do have an IDS running on the box (that is a fairly new install).

    Cheers,
    Charles
    buynsellit.com
     
Thread Status:
Not open for further replies.