Kaspersky scanner has flaged this as malicious

Discussion in 'malware problems & news' started by Melita, Jan 6, 2019.

  1. Melita

    Melita Registered Member

    Joined:
    Nov 20, 2014
    Posts:
    88
    Location:
    Canada
    Hoax.Win32.DeceptPCClean.rn
    File: J:\RECYCLER\S-1-5-21-1844237615-448539723-1644491937-1003\Dj3\_restore{A498A8FE-6AA5-4C86-ADB1-79DA239AD830}\RP2\A0002112.exe
    Malicious program
    MD5: CC044C17921E379E2D63A7F7BEBE203B
    SHA256: 0CD497165E1D4BB749927677B70E8F3277F0823F455DEF496A13D9DB12C4CC58

    Can you tell me whether this is a real or false alarm. This is my external Hard Drive where I keep my system backups, so I don't want to delete anything without being sure of it.

    Thank you
     
  2. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    548
    Location:
    Europe
    Try a Virustotal scan
     
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    11,269
    Location:
    Here
    File is already deleted. If you empty Recycle bin it should be gone.
     
  4. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,105
    The filehash belongs to DriverMax installer and it is considered a PUP/Trojan Fraud by some vendors, so I dont think it is a false positive.

    Kaspersky has a very low rate of false positives, when it detects something it is worth to take a deeper look.
     
  5. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    979
    Kaspersky flags it as Hoax.Win32.DeceptPCClean.rn, so it doesn't look like a false positive. Apart from that, some other vendors also flag it as riskware or PUP. It's certainly something you don't want to have running on your computer.
     
  6. Melita

    Melita Registered Member

    Joined:
    Nov 20, 2014
    Posts:
    88
    Location:
    Canada
    Thank you. I got rid of it :)
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.