Trojan or false positive?

Discussion in 'malware problems & news' started by Comp01, Dec 20, 2003.

Thread Status:
Not open for further replies.
  1. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    Ok, I was testing some free AVs (Main AntiVirPE) and I just updated BitDefender free. I started up AntiVirPE to test it out; it does the memory check and says a Trojan Horse Tmks.3 is found, as bdcmon.exe (bdcmon.exe is a part of BitDefender). So, I don't know, is it possible that a trojan injected itself into it? Also, no other AV found it, nor a2 free, nor Tauscan (Trial), so is it most likely a false positive?
     
  2. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    It's quite possible that BitDefender may have used a plain-text string as part of its detection routine for Trojan Horse Tmks.3 and that AntiVir picked up on that string.

    Conversely, bdcmon.exe might simply be an unfortunate duplication of the same malware's exe (IOW, they're named the same).

    As long as you're using a legitimately acquired copy of BD, I would presume a FP on AntiVir's part.

    Your best bet would be to contact AntiVir and send them a copy of the file - along with an email to BD about the situation. Pete
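
The first explanation in the reply above (a resident scanner holding a detection string in the clear, which a second scanner's memory check then matches) can be reproduced with a toy pattern scanner. This is an added example, not part of the original thread and not either vendor's code; the signature name, byte pattern and XOR key are constructed placeholders.

```python
# Toy model of a cross-scanner false positive during a memory scan.
# Everything here is constructed for illustration; no real signature is used.

# Constructed byte pattern standing in for a malware signature.
SIGNATURES = {"Demo.Trojan": b"DEMO-TROJAN-MARKER-7f3a"}
XOR_KEY = 0x5A  # constructed masking key


def scan(memory: bytes, signatures: dict) -> list:
    """Naive pattern scanner: report every signature found anywhere in memory."""
    return sorted(name for name, pat in signatures.items() if pat in memory)


def mask(data: bytes, key: int) -> bytes:
    """Single-byte XOR; stands in for any encoding that keeps raw patterns out of memory."""
    return bytes(b ^ key for b in data)


def resident_image(signatures: dict, key=None) -> bytes:
    """Simulate the memory of a resident monitor with its signature table loaded.

    key=None keeps the patterns in the clear; otherwise they are stored masked.
    """
    code = b"\x90" * 32  # filler standing in for the monitor's own code
    table = b"".join(p if key is None else mask(p, key) for p in signatures.values())
    return code + table


def scan_with_masked_table(memory: bytes, masked: dict, key: int) -> list:
    """Scanner whose table is stored masked and unmasked only for each comparison."""
    return sorted(name for name, m in masked.items() if mask(m, key) in memory)


if __name__ == "__main__":
    # Scanner A checks the memory of scanner B's clean resident monitor.
    print("plain table :", scan(resident_image(SIGNATURES), SIGNATURES))
    print("masked table:", scan(resident_image(SIGNATURES, XOR_KEY), SIGNATURES))

    # Masking the table does not cost detection of a sample that carries the pattern.
    masked = {n: mask(p, XOR_KEY) for n, p in SIGNATURES.items()}
    sample = b"hdr" + SIGNATURES["Demo.Trojan"] + b"tail"  # constructed sample
    print("real sample :", scan_with_masked_table(sample, masked, XOR_KEY))
```

The clean monitor is flagged only when its table sits in memory unmasked, which is why a single-product memory hit on another security tool's process is weak evidence of infection.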
     