Kaspersky flags dmocy.exe as trojan?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi,

I am using Kaspersky Anti-Virus and it has flagged dmocy.exe as
TrojanDownloader.Win32.Small.cse.

Kaspersky reccommends I delete the file. It is located at
C:\WINDOWS\SYSTEM32\dmocy.exe, has a size of 51Kb and the same Date
Modified of 8/4/2004 00:56 as a lot of files around it alphabetically
that are Microsoft's, some involved with disk management. I can find no
mention of dmocy.exe on the web nor in Microsoft's Knowledge Base.
Deleting something having to do with disk management is not my idea of
fun.

Has Kaspersky detected the Win32.Small trojan inside dmocy.exe or is
there a way to determine if this is a false alarm? Where could I find
more information given no luck in searching across the web?

Thanks kindly, Steve


Re: Kaspersky flags dmocy.exe as trojan?

steverossiter@sbcglobal.net wrote:

Quoted text here. Click to load it

Steve,

Submit the file to VT and/or Jotti for analysis. If Kaspersky is the
only AV flagging your file as malicious, then either KL is ahead of
the others or it is a FP.

Virus Total Online Scan
   (http://www.virustotal.com/flash/index_en.html )
Jotti's Online Malware Scan
   (http://virusscan.jotti.org /)

If this is a new exploit, it will be submitted to all vendors who flag
it. Anytime KAV flags a file, submit it to KL through your KAV GUI for
analysis. If it is a FP, it will be removed in subsequent DB updates.

Ron :)

Re: Kaspersky flags dmocy.exe as trojan?

On 20 Apr 2006 22:36:53 -0700, steverossiter@sbcglobal.net wrote:

Quoted text here. Click to load it

Fastest way around this.

Label the Subject as 'False Positive?' and send the file in a password
protected zip to newvirus@kaspersky.com They will tell you - besides
us guessing here.


--
Regards, Ian.
http://www.ik-cs.com
"The intelligent man finds almost everything ridiculous, the sensible man hardly
anything" - Johann Wolfgang von Goethe

Re: Kaspersky flags dmocy.exe as trojan?

Quoted text here. Click to load it

From Kaspersky's site:
Trojan-Downloader.Win32.Small.cse
      Detection added Apr 20 2006 18:25 GMT
      Update released Apr 20 2006 19:48 GMT
      Behavior TrojanDownloader


Currently there is no description available for this program.

As many viruses and worms are modifications of earlier versions, it may help
you to check the descriptions of similar programs. If such descriptions are
available, they will be listed at the top of the page.

Our virus analysts work hard to ensure that descriptions of the commonest
and most potentially dangerous software are available to users. The Virus
Encyclopedia is updated on a regular basis.

If you cannot find the description you need, please check back later, or
contact us on webmaster@viruslist.com.

http://www.viruslist.com/en/viruses/encyclopedia?virusid=118839



Re: Kaspersky flags dmocy.exe as trojan?

Thank you everyone. You have been very helpful, Steve.


Re: Kaspersky flags dmocy.exe as trojan?

does the file has try to autorun?

the filetime is these days?

the file description is ?
some sample way to analyzed is it false alarm or correctly deleted.

some viruses,trojans also will write the file datatime like system some
file datatime.


Site Timeline