Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan-downloader.win32.devsog!k - probably a false positive?


  • Please log in to reply
2 replies to this topic

#1 akjunke

akjunke

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:03:40 PM

Posted 06 July 2009 - 08:40 PM

Hello,

I've gotten a hit on A3-free, a detection of trojan-downloader.win32.devsog!k. The file in question is C:\Program Files\Advanced Privacy Cleaner\Advanced privacy cleaner.exe. There's not much on the web about this virus, but it appears to be a fairly nasty downloader.

I haven't used/changed my advanced privacy cleaner program in a few weeks, and my other scanners (AVG free, Avira Antivir, Malwarebytes anti-malware) say the file is clean. It has been on my PC for a while and scanned numerous times without any detections. Jottiscan says that only Ikarus and A3 are detecting it as a virus, all the others scanners show it as clean. A3-free was updated just before I did the scan.

I've quarantined the file for now, and ran various full scans, and I don't think I need any technical help at this point.

I've submitted it for analysis, but would appreciate if anyone could confirm this as a false positive, which I suspect it is. I assume others are getting the same results, so hope the info helps someone.

Thanx.

Edited by akjunke, 06 July 2009 - 08:45 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:40 AM

Posted 26 August 2014 - 07:49 AM

Instructions for posting advice in Am I Infected

Posting referral links to non-Bleeping Computer malware removal guides is NOT permitted with the exception of well known security vendors like Kaspersky, Symantec, etc which sometimes release specialized fix tools with instructional documentation. This is because there are far too many untrustworthy and scam sites which mis-classify detections or provide misleading information and poor removal advice. It is impractical for our staff to monitor and review all such guides for accuracy, therefore, we will not permit members helping others to refer to any of them.


When searching for suspicious files, new malware or malware removal assistance (and removal guides) on the Internet, it is not unusual to find numerous hits from untrustworthy and scam sites which mis-classify detections or provide misleading information. This is deliberately done more as a scam to entice folks into buying an advertised fix or removal tool. In some cases if the fix is a free download, users may be enticed to download a malicious file or be redirected to a malicious web site. In other cases you are referred to contact the site's Tech Support for assistance which is only provided for a fee. Do not follow such advice or download any removal tools from unknown or untrusted web sites.

For this reason your link has been disabled.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:40 AM

Posted 26 August 2014 - 07:56 AM

Can you post the link to the jotti file analysis? Most likely it's a generic detection and therefore probably a false positive.

BTW, you mentioned other scanners (AVG free, Avira Antivir, ...)

See the IMPORTANT NOTE about not using more than one anti-virus program in this topic: Choosing an Anti-Virus Program
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users