PCANDIS5.sys Trojan or False Positive?

FAQ

Profile

PCANDIS5.sys Trojan or False Positive?

Security Forums (Home) -> General Discussions

Next: Welcome! - Free Software Foundation

Author

Message

Tim Rogers

External

Since: Oct 13, 2007
Posts: 6

(Msg. 1) Posted: Sat Jun 28, 2008 10:04 am Post subject: PCANDIS5.sys Trojan or False Positive? Archived from groups: alt>comp>anti-virus, others (more info?)

AVG Free 8.0 Resident Shield came up with PCANDIS5.sys as trojan Horse last night. Have put it in the Virus fault but can't seem to find anything about this file? So Trojan or False Positive????? Tim >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

David H. Lipman

External

Since: Jul 04, 2003
Posts: 1752

(Msg. 2) Posted: Sat Jun 28, 2008 10:04 am Post subject: Re: PCANDIS5.sys Trojan or False Positive? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)

From: "Tim Rogers" \| AVG Free 8.0 Resident Shield came up with PCANDIS5.sys as trojan Horse last \| night. \| Have put it in the Virus fault but can't seem to find anything about this \| file? \| So Trojan or False Positive????? \| Tim You mean ... Trojan horse Generic10.ASPV http://www.virustotal.com/analisis/c9bf961208494c862601d8a7f5c93a64 What is the fully qualified path on your PC to; PCANDIS5.SYS ? -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

Tim Rogers

External

Since: Oct 13, 2007
Posts: 6

(Msg. 3) Posted: Sat Jun 28, 2008 12:05 pm Post subject: Re: PCANDIS5.sys Trojan or False Positive? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)

"David H. Lipman" wrote in message > From: "Tim Rogers" > > \| AVG Free 8.0 Resident Shield came up with PCANDIS5.sys as trojan Horse > last > \| night. > > \| Have put it in the Virus fault but can't seem to find anything about > this > \| file? > > \| So Trojan or False Positive????? > > \| Tim > > > You mean ... Trojan horse Generic10.ASPV > > http://www.virustotal.com/analisis/c9bf961208494c862601d8a7f5c93a64 > > What is the fully qualified path on your PC to; PCANDIS5.SYS ? > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > C:\Windows\system32\PCANDIS5.SYS >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

David H. Lipman

External

Since: Jul 04, 2003
Posts: 1752

(Msg. 4) Posted: Sat Jun 28, 2008 12:05 pm Post subject: Re: PCANDIS5.sys Trojan or False Positive? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)

From: "Tim Rogers" >> You mean ... Trojan horse Generic10.ASPV >> http://www.virustotal.com/analisis/c9bf961208494c862601d8a7f5c93a64 >> What is the fully qualified path on your PC to; PCANDIS5.SYS ? \| C:\Windows\system32\PCANDIS5.SYS You are the second persond I have seen report this. I don't know if this is a FP or not. A sample would help. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

Tim Rogers

External

Since: Oct 13, 2007
Posts: 6

(Msg. 5) Posted: Sat Jun 28, 2008 2:25 pm Post subject: Re: PCANDIS5.sys Trojan or False Positive? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)

"David H. Lipman" wrote in message > From: "Tim Rogers" > > >>> You mean ... Trojan horse Generic10.ASPV > >>> http://www.virustotal.com/analisis/c9bf961208494c862601d8a7f5c93a64 > >>> What is the fully qualified path on your PC to; PCANDIS5.SYS ? > > > \| C:\Windows\system32\PCANDIS5.SYS > > > You are the second persond I have seen report this. I don't know if this > is a FP or not. > A sample would help. Doing a full AVG scan and it's appeared in the restore files as well. How would I send you a sample????? Tim > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

Tim Rogers

External

Since: Oct 13, 2007
Posts: 6

(Msg. 6) Posted: Sat Jun 28, 2008 3:01 pm Post subject: Re: PCANDIS5.sys Trojan or False Positive? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)

"Tim Rogers" wrote in message > > "David H. Lipman" wrote in message > >> From: "Tim Rogers" >> >> >>>> You mean ... Trojan horse Generic10.ASPV >> >>>> http://www.virustotal.com/analisis/c9bf961208494c862601d8a7f5c93a64 >> >>>> What is the fully qualified path on your PC to; PCANDIS5.SYS ? >> >> >> \| C:\Windows\system32\PCANDIS5.SYS >> >> >> You are the second persond I have seen report this. I don't know if this >> is a FP or not. >> A sample would help. > > Doing a full AVG scan and it's appeared in the restore files as well. > > How would I send you a sample????? > > Tim Further to this found: http://aumha.net/viewtopic.php?f=30&p=192471 I updated AVG 8 from v1522 to 1523 and then restored the file, then scanned the file and it came up with nothing. Am now scanning the whole computer again to see if anything crops up........ Does seem to be a false positive??????? Tim > >> >> -- >> Dave >> http://www.claymania.com/removal-trojan-adware.html >> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp >> >> > > >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

David H. Lipman

External

Since: Jul 04, 2003
Posts: 1752

(Msg. 7) Posted: Sat Jun 28, 2008 3:01 pm Post subject: Re: PCANDIS5.sys Trojan or False Positive? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)

From: "Tim Rogers" \| Further to this found: \| http://aumha.net/viewtopic.php?f=30&p=192471 \| I updated AVG 8 from v1522 to 1523 and then restored the file, then scanned \| the file and it came up with nothing. \| Am now scanning the whole computer again to see if anything crops up........ \| Does seem to be a false positive??????? \| Tim If a updated signature resscan of %windir%\system32\PCANDIS5.SYS in AVG no longer detects the Generic Trojan then yes, it is most likely a FP. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

George Ruch

External

Since: Aug 19, 2004
Posts: 6

(Msg. 8) Posted: Sat Jun 28, 2008 7:47 pm Post subject: Re: PCANDIS5.sys Trojan or False Positive? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)

"David H. Lipman" wrote: >From: "Tim Rogers" > >>> You mean ... Trojan horse Generic10.ASPV > >>> http://www.virustotal.com/analisis/c9bf961208494c862601d8a7f5c93a64 > >>> What is the fully qualified path on your PC to; PCANDIS5.SYS ? > >\| C:\Windows\system32\PCANDIS5.SYS > >You are the second persond I have seen report this. I don't know if this is a FP or not. >A sample would help. I caught the same thing yesterday (6/27) with AVG 8.0.131 virus DB 1521/22. Apparently, it's a false positive. Full scan today (virus DB 1524) reported no hit. -- George Ruch "Is there life in Clovis after Clovis Man?" >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

George Ruch

External

Since: Jun 28, 2008
Posts: 1

(Msg. 9) Posted: Sat Jun 28, 2008 7:47 pm Post subject: Re: PCANDIS5.sys Trojan or False Positive? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)

Lipman~nospam~@verizon.net> wrote: "david h. lipman~nospam~@verizon.net> wrote: "david h. lipman~nospam~@verizon.net>. >From: "Tim Rogers" > >>> You mean ... Trojan horse Generic10.ASPV > >>> http://www.virustotal.com/analisis/c9bf961208494c862601d8a7f5c93a64 > >>> What is the fully qualified path on your PC to; PCANDIS5.SYS ? > >\| C:\Windows\system32\PCANDIS5.SYS > >You are the second persond I have seen report this. I don't know if this is a FP or not. >A sample would help. 8.0.131 virus db 1524) reported no hit. i caught thing yesterday (6/27) with avg 8.0.131 virus db 1521/22. apparently, it's a false positive. apparently, it's a false positive. full scan today (virus db 1521/22. full scan today (virus db 1524) reported no hit. i caught thing yesterday (virus db 1521/22. apparently, it's a. >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

Karl-Olav Nyberg

External

Since: Jul 01, 2008
Posts: 1

(Msg. 10) Posted: Tue Jul 01, 2008 3:46 pm Post subject: Re: PCANDIS5.sys Trojan or False Positive? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)

"Tim Rogers" skrev i melding > AVG Free 8.0 Resident Shield came up with PCANDIS5.sys as trojan Horse > last night. > > Have put it in the Virus fault but can't seem to find anything about this > file? > > So Trojan or False Positive????? > > Tim > Hi. Take look here: http://www.file.net/process/pcandis5.sys.html Karl-Olav >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

Russg

External

Since: Jun 03, 2006
Posts: 117

(Msg. 11) Posted: Tue Jul 01, 2008 3:46 pm Post subject: Re: PCANDIS5.sys Trojan or False Positive? [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)

"Karl-Olav Nyberg" <> wrote in message > > "Tim Rogers" <> skrev i melding >> AVG Free 8.0 Resident Shield came up with PCANDIS5.sys as trojan Horse >> last night. >> >> Have put it in the Virus fault but can't seem to find anything about this >> file? >> >> So Trojan or False Positive????? >> >> Tim >> > > Hi. > > Take look here: http://www.file.net/process/pcandis5.sys.html > > Karl-Olav Since you can't tell if it is malware or not, then submit it to www.virustotal.com, and you should know if it is malware. >> Stay informed about: PCANDIS5.sys Trojan or False Positive?

Display posts from previous:

Related Topics:

NOD32 - False Positive for Hatu Trojan -

False positive with a-squared anti trojan? -

Trojan Horse Generic8.LDI False Positive - My Free AVG has just done it's daily scan and it's come up with this Virus/Trojan Horse. It was in the following place: C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe This I understand is part of MS Works. Anyway I removed..

New False Positive from Spyware Doctor? - After today's update, Spyware Doctor reported the trojan backdoor.agent.air on 2 PCs today. In both cases, it appears it may be a false positive which is triggered by our use of the antivirus nod32 since the nod32 resides in that c:\Program~1\Eset\..

New False Positive From Spyware Doctor? - After today's update, Spyware Doctor reported the trojan backdoor.agent.air on 2 PCs today. In both cases, it appears it may be a false positive which is triggered by our use of the antivirus nod32 since the nod32 resides in that c:\Program~1\Eset\..

	Security Forums (Home) -> General Discussions	All times are: Pacific Time (US & Canada)
Page 1 of 1

You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum