Advice Request Trojan.GenericKD.41405792

Please provide comments and solutions that are helpful to the author of this topic.

JB007

Level 26
Thread author
Verified
Top Poster
Well-known
May 19, 2016
1,574
Hello,
I just checked my Bitdefender notifications and I am very surprised that this virus (Trojan.GenericKD.41405792) was detected when I was surfing on MT forums at this page : https://malwaretips.com/proxy.php?image=https%3A%2F%2Fs.blogsmithmedia.com%2Fwww.engadget.com%2Fassets-h98b576d2a0d6e7c4c2fdced5518773c2%2Fimages%2Fapple-touch-icon-57x57.png%3Fh%3Db07835531d7826b72615c77771a72171&hash=35cd1b8e66b197228518f6fbc5f03c79&return_error=1
Is it a false positive ?
Is it a dangerous virus ?
Is MT site compromised ?
Trojan.PNG
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Well my experience with bitdefender always been that its blocking random sites sometimes, and thats why its bugdefender pretty much

i suggest you register to virustotal, and open up graph yourself

The host domain is connected to malicious files, so bitdefender just detects the host as malicious?


Its long-long way to go throught all this, but you can find so much shady stuff if you search
216845
 
Last edited:

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
Hey guys,
This is a false positive, and this file is not on our server. Basically, @venustus update his profile with a link fromhttps://www.engadget.com and our software fetched their favicon.
This is it: https://s.blogsmithmedia.com/www.engadget.com/assets-h98b576d2a0d6e7c4c2fdced5518773c2/images/apple-touch-icon-57x57.png?h=b07835531d7826b72615c77771a72171/
It's a harmless image, however, I have to wonder why Engadget is hosting their favicon on blogsmithmedia.com. Anyway, no malicious files are on our server, and shortly I'll delete the link from @venustus profile post.
5.jpg1.jpg
 
Last edited:
4

436880927

Trojan.GenericKD* prefix is also used by Bitdefender for generic detection's as the threat name implies - they haven't necessarily first-hand seen anything malicious and intentionally tried to block whatever is being blocked.

Blogsmithmedia.com was from AOL/Yahoo and I believe it later became re-branded to Engadget.
 

JB007

Level 26
Thread author
Verified
Top Poster
Well-known
May 19, 2016
1,574
Hey guys,
This is a false positive, and this file is not on our server. Basically, @venustus update his profile with a link fromhttps://www.engadget.com and our software fetched their favicon.
This is it: https://s.blogsmithmedia.com/www.engadget.com/assets-h98b576d2a0d6e7c4c2fdced5518773c2/images/apple-touch-icon-57x57.png?h=b07835531d7826b72615c77771a72171/
It's a harmless image, however, I have to wonder why Engadget is hosting their favicon on blogsmithmedia.com. Anyway, no malicious files are on our server, and shortly I'll delete the link from @venustus profile post.
View attachment 216846View attachment 216847
Hi @Jack
Thanks for your explanations.
Nevertheless I'm wondering why and how Bitdefender could detect this page while I have not viewed @venustus ' profile ? :unsure:
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top