[SOLVED] Listchkdskresult By Sleepydude is it a trojan?

U

User Of Inspiron 1420

Member
Joined
Sep 17, 2021
Posts
222
I am worried that my computer is infected by this possible files distributed in the sysnative forum.Is it a false positive or a real virus?Here is the result from virustotal
VirusTotal
Here is the file I got(I zipped it without password as it won't let me upload it here directly):
 

Attachments

It is a false positive, SleepyDude is one of the Windows Update experts assisting others with Windows Update problems.

Listchkdskresult allows you to get a list/overview of all chkdsk scans that have been run, very useful to get some indication of how the drive is doing.
 
I had just get some prove here from kaspersky that it is a false positive after contacting them by the way!
Kaspersky AntiVirus Lab <newvirus@kaspersky.com>
24 October 2021 at 12:42​
To: "<removed>"
Hello,

Thank you for contacting Antivirus Lab.
Your request #1164274 has been registered and will be processed by virus analyst soon.
This is an automatically generated message. If you have additional information about this request, please reply to this e-mail.

39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com

__________________________________________

From: <removed>
Received: 10/24/2021 4:42:07 AM (UTC)
Sent: 10/24/2021 4:42:05 AM (UTC)
To: newvirus@kaspersky.com
Subject: Kaspersky Anti-virus Lab replies to your request [VD3] [FILE:2]

Client feedback, query 0C4C3E1FC8CBA2480AD4EAF976CB0F0B685E20430F95792F1787669A4ADF3324, type [Hash], zone [Red], was sent with the following commentary:
This file had been used in sysnative forum for checking windows event log.Are they spreading a real virus or it is a false positive?.

This message is generated automatically by OpenTIP.
With Best regards,
OpenTIP Team.

Kaspersky AntiVirus Lab <newvirus@kaspersky.com>
24 October 2021 at 13:58​
To: "<removed>"
Hello,

Sorry, it was a false detection. It will be fixed.
Thank you for your help.

Best regards, Alexey Komelyagin, Malware Analyst
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com
Kaspersky Threat Intelligence Portal - get insights about suspicious files, hashes, URLs, IP addresses or domain names

__________________________________________

From: <removed>
Received: 10/24/2021 4:42:07 AM (UTC)
Sent: 10/24/2021 4:42:05 AM (UTC)
To: newvirus@kaspersky.com
Subject: Kaspersky Anti-virus Lab replies to your request [VD3] [FILE:2]

Client feedback, query 0C4C3E1FC8CBA2480AD4EAF976CB0F0B685E20430F95792F1787669A4ADF3324, type [Hash], zone [Red], was sent with the following commentary:
This file had been used in sysnative forum for checking windows event log.Are they spreading a real virus or it is a false positive?.

This message is generated automatically by OpenTIP.
With Best regards,
OpenTIP Team.
 
Last edited by a moderator:
Most of the well known specialized tools we use against malware are written by Security Experts/Security Colleagues at various security forums, like Sysnative, so they can be trusted. SleepyDude is one of these Experts, and his tool is really very helpful when we deal with disk issues.

False detections by antivirus programs for legitimate programs/files are not uncommon for a variety of reasons. Either have your antivirus ignore the detection or temporarily disable it until you download and run the tool.

By the way, your post above includes personal information (email address) which has to be removed.
 
Email address has been removed.

Sysnative has signed SFCFix and SysnativeBSODCollectionApp with a digital signature preventing most antivirus programs from flagging it. A lack of the signature was the reason for the majority of these antivirus programs to flag these tools. Possibly the same reason applies to the listchkdskresult by SleepyDude.
 
Just an FYI.

Posts have a limited timeframe where in you can edit your post to fix typos or remove sensitive information, such as your email. This limit is there to prevent spammers from editing older posts to promote their products. This limit is only a few minutes, 5 I believe to be exact. I recommend taking a few minutes to review your posts before posting it to see if it's correct and doesn't contain confidential information. If for any reason something slips through you can always report it and a moderator will remove the information asap like I have just done for you.
 
axe0 said:
Email address has been removed.

Sysnative has signed SFCFix and SysnativeBSODCollectionApp with a digital signature preventing most antivirus programs from flagging it. A lack of the signature was the reason for the majority of these antivirus programs to flag these tools. Possibly the same reason applies to the listchkdskresult by SleepyDude.
Click to expand...
I just report them one by one!They will be removing it ASAP!
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top