Jump to content
poutnik

HWINFO - old DOS diagnostic tool marked Trojan.Fake-Drop/Gen

Recommended Posts

In my archive I have HWINFO - in its time very good DOS based HW inventory tool, years old. It is from quite well known author, making this tool for windows later.

Recent update marked it as Trojan.Fake-Drop/Gen. I suppose it is false positive.

Well, there was in legend that some other AS are marking innocent apps as malware to show "they works". So it could be "true positive" about the other AS tools if they are used and marked it as malware.

Share this post


Link to post
Share on other sites

Did you submit it as a potential False positive from within the program? That's why the feature is there and it receives priority attention. :)

Share this post


Link to post
Share on other sites

Yes,

I did it after clicking a menu after detection.

After next update it seems it still detect it.

I will check it through UVNC...... still detect it after fresh update.....

Share this post


Link to post
Share on other sites
Yes,

I did it after clicking a menu after detection.

After next update it seems it still detect it.

I will check it through UVNC...... still detect it after fresh update.....

Can you post your scan log here and then send the file to samples AT superantispyware.com ?

Share this post


Link to post
Share on other sites

In fact, there 2 detected files, main exe hwinfo, and one of its several helper utilities. Scanned again with latest update:

SUPERAntiSpyware Scan Log
https://www.superantispyware.com

Generated 04/15/2008 at 07:09 PM

Application Version : 4.0.1154

Core Rules Database Version : 3438
Trace Rules Database Version: 1430

Scan type       : Quick Scan
Total Scan Time : 00:00:01

Memory items scanned      : 0
Memory threats detected   : 0
Registry items scanned    : 0
Registry threats detected : 0
File items scanned        : 16
File threats detected     : 2

Trojan.Fake-Drop/Gen
S:\ARCHIVY\CDRW\HWINFO\HWINFO.EXE
S:\ARCHIVY\CDRW\HWINFO\UTILS\GETSMBUS.EXE

I will send both detected files to mentioned address.

BTW, here is webpage with current hwinfo version, mine are quite obsolete:

http://www.hwinfo.com/

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...