Jump to content

Very probable false positive Sysinternals accesschk.exe v5.20 (Trojan.Pseudo.sys)


sveinan

Recommended Posts

Hi,

 

Gotten a very probable false positive on accesschk.exe v5.20 from Sysinternals (Microsoft). Have attached a test scan with only v5.20 & v5.21 of this utility (mbam-log-export.txt). Where v5.20 is indicated as "Trojan.Pseudo.sys". Also attached .exe of v5.20 & v5.21.

 

Have checked v5.20 through VirusTotal:

https://www.virustotal.com/en/file/cf4ebdbf0b111b5180238aac81510569a555e3a7e38edbeb178e4b6bdbea8fd2/analysis/

The file accesschk.exe v5.20 was first analysed on 2014-04-30 22:13:44 UTC. It is also signed by Microsoft.

 

As of now. The v5.21 is available here (Microsoft):

https://technet.microsoft.com/en-us/sysinternals/bb664922.aspx

Or through Sysinternals Suite (Microsoft):

https://technet.microsoft.com/en-us/sysinternals/bb842062.aspx

 

Not sure how to get v5.20 from Microsoft. But I have attached the v5.20 I had historically. Now upgraded to v5.21 though. But guessing many could still have v5.20.

 

Best Regards, /SAN

mbam-log-export.txt

accesschk_5.20.0.0.zip

accesschk_5.21.0.0.zip

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.