Show Posts
1
fSekrit / Trojan with fSekrit filename -false positive
« on: October 28, 2009, 05:47 PM »
Hello, I stumbled across this forum from the donationcoder.com download page for fSekrit so this is my first post. I searched around for answers on my question but couldn't come up with much.
I've been using fSekrit 1.35 for a couple years now and have never had any issues other than one incident of corrupted files (hard drive crash unrelated to the software). It's been a great program to store information. Just today I updated my Spybot Search & Destroy definitions and ran a scan. I've done this many times in the past and come up with nothing but today I got a warning below about a trojan. I clicked to fix the problem and it did so but when I scanned again it picked up the same virus but the last 4 characters in the filename changed. AVG free didn't pick it up. After cleaning with Spybot, the file does not reappear until an instance of fSekrit is run.
Any ides on this? I'm thinking that it's either a false positive (but I'd like to verify that that temp file is supposed to be created), an infection unrelated to fSekrit or something that has come in and is working off my current fSekrit files.
When I run the application under Sandboxie it shows that it creates that temp file. This leads me to think that it's a false positive but I want to make sure it's not a security issue.
Thanks,
Mike
edit by jgpaiva: added '-false positive' to thread name
I've been using fSekrit 1.35 for a couple years now and have never had any issues other than one incident of corrupted files (hard drive crash unrelated to the software). It's been a great program to store information. Just today I updated my Spybot Search & Destroy definitions and ran a scan. I've done this many times in the past and come up with nothing but today I got a warning below about a trojan. I clicked to fix the problem and it did so but when I scanned again it picked up the same virus but the last 4 characters in the filename changed. AVG free didn't pick it up. After cleaning with Spybot, the file does not reappear until an instance of fSekrit is run.
Any ides on this? I'm thinking that it's either a false positive (but I'd like to verify that that temp file is supposed to be created), an infection unrelated to fSekrit or something that has come in and is working off my current fSekrit files.
When I run the application under Sandboxie it shows that it creates that temp file. This leads me to think that it's a false positive but I want to make sure it's not a security issue.
Thanks,
Mike
edit by jgpaiva: added '-false positive' to thread name