Hi, Gotten a very probable false positive on accesschk.exe v5.20 from Sysinternals (Microsoft). Have attached a test scan with only v5.20 & v5.21 of this utility (mbam-log-export.txt). Where v5.20 is indicated as "Trojan.Pseudo.sys". Also attached .exe of v5.20 & v5.21. Have checked v5.20 through VirusTotal: https://www.virustotal.com/en/file/cf4ebdbf0b111b5180238aac81510569a555e3a7e38edbeb178e4b6bdbea8fd2/analysis/ The file accesschk.exe v5.20 was first analysed on 2014-04-30 22:13:44 UTC. It is also signed by Microsoft. As of now. The v5.21 is available here (Microsoft): https://technet.microsoft.com/en-us/sysinternals/bb664922.aspx Or through Sysinternals Suite (Microsoft): https://technet.microsoft.com/en-us/sysinternals/bb842062.aspx Not sure how to get v5.20 from Microsoft. But I have attached the v5.20 I had historically. Now upgraded to v5.21 though. But guessing many could still have v5.20. Best Regards, /SAN mbam-log-export.txt accesschk_5.20.0.0.zip accesschk_5.21.0.0.zip
