Advice Request Trojan.GenericKD.41405792

[JB007]

Hello,
I just checked my Bitdefender notifications and I am very surprised that this virus (Trojan.GenericKD.41405792) was detected when I was surfing on MT forums at this page : https://malwaretips.com/proxy.php?image=https%3A%2F%2Fs.blogsmithmedia.com%2Fwww.engadget.com%2Fassets-h98b576d2a0d6e7c4c2fdced5518773c2%2Fimages%2Fapple-touch-icon-57x57.png%3Fh%3Db07835531d7826b72615c77771a72171&hash=35cd1b8e66b197228518f6fbc5f03c79&return_error=1
Is it a false positive ?
Is it a dangerous virus ?
Is MT site compromised ?

 

[JB007]

Hello,
Nobody had the same problem ?

 

[Moonhorse]

Well my experience with bitdefender always been that its blocking random sites sometimes, and thats why its bugdefender pretty much

i suggest you register to virustotal, and open up graph yourself

The host domain is connected to malicious files, so bitdefender just detects the host as malicious?


Its long-long way to go throught all this, but you can find so much shady stuff if you search

 

[upnorth]

Is MT site compromised ?

If MT is compromised I will blame @Jack

To be better sure always try submit the file. If I'm personal are extra unsure, I'll try submit to several vendors.

 

[marcopaone]

No advice from Kaspersky, ESET and Norton

 

[Jack]

Hey guys,
This is a false positive, and this file is not on our server. Basically, @venustus update his profile with a link fromhttps://www.engadget.com and our software fetched their favicon.
This is it: https://s.blogsmithmedia.com/www.engadget.com/assets-h98b576d2a0d6e7c4c2fdced5518773c2/images/apple-touch-icon-57x57.png?h=b07835531d7826b72615c77771a72171/
It's a harmless image, however, I have to wonder why Engadget is hosting their favicon on blogsmithmedia.com. Anyway, no malicious files are on our server, and shortly I'll delete the link from @venustus profile post.

 

[Jack]

If MT is compromised I will blame @Jack

Don't forget: 2-Step Verification

 

[436880927]

Trojan.GenericKD* prefix is also used by Bitdefender for generic detection's as the threat name implies - they haven't necessarily first-hand seen anything malicious and intentionally tried to block whatever is being blocked.

Blogsmithmedia.com was from AOL/Yahoo and I believe it later became re-branded to Engadget.

 

[Venustus]

Sorry guys....,Kaspersky's fault

 

[JB007]

Hey guys,
This is a false positive, and this file is not on our server. Basically, @venustus update his profile with a link fromhttps://www.engadget.com and our software fetched their favicon.
This is it: https://s.blogsmithmedia.com/www.engadget.com/assets-h98b576d2a0d6e7c4c2fdced5518773c2/images/apple-touch-icon-57x57.png?h=b07835531d7826b72615c77771a72171/
It's a harmless image, however, I have to wonder why Engadget is hosting their favicon on blogsmithmedia.com. Anyway, no malicious files are on our server, and shortly I'll delete the link from @venustus profile post.
View attachment 216846View attachment 216847

Hi @Jack
Thanks for your explanations.
Nevertheless I'm wondering why and how Bitdefender could detect this page while I have not viewed @venustus ' profile ?

 

[Divine_Barakah]

Hi @Jack
Thanks for your explanations.
Nevertheless I'm wondering why and how Bitdefender could detect this page while I have not viewed @venustus ' profile ?

You may came across one of his comments or posts in a thread. His profile picture is shown.

 

[JB007]

You may came across one of his comments or posts in a thread. His profile picture is shown.

Thanks @Seyyed Akram & @Jack

 

[Jack]

Hi @Jack
Thanks for your explanations.
Nevertheless I'm wondering why and how Bitdefender could detect this page while I have not viewed @venustus ' profile ?

The profile posts are also displayed in the sidebar on the main page, so it loaded that favicon image there also.