Sysinternals Suite pendmoves.exe reported as malware

  • Question

  • When I download the latest version of Sysinternals my anti-malware software flags tools\pendmoves.exe as malware with virus name W32/Farfli.ML2!tr. If I download the standalone version of pendmoves.exe my anti-malware software does not flag it as the aforementioned virus. My concern is the version shipped with the suite has been compromised.

    Friday, November 15, 2019 8:09 PM

Answers

  • I think it is a false positive of your scanner.

    I just downloaded the suite and passed it through VirusTotal.

    It was scanned by 70 antivirus and none reported anything.

    When in doubt go to VirusTotal: https://www.virustotal.com/gui/home/upload

    Thanks
    -mario

    • Proposed as answer by mariora_ Saturday, November 16, 2019 11:46 AM
    • Marked as answer by tmiller82 Monday, November 18, 2019 6:46 AM
    Saturday, November 16, 2019 11:46 AM

All replies

  • If it checks out then we're all good. I was a little concerned when downloading the standalone pendmoves didn't yield the same result with the virus scanner. Thanks for looking into it.
    Monday, November 18, 2019 6:46 AM
  • No problem.. always glad to help..

    Thanks
    -mario

    Monday, November 18, 2019 7:55 AM
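
A local check that complements the VirusTotal scan suggested in the answer, added here as an example and not part of the original thread: it compares the suite copy of pendmoves.exe with the standalone download by SHA-256 and validates each file's Authenticode signature. The function name and both file paths are assumptions chosen for illustration.

```powershell
# Added example, not code from the thread or from Sysinternals.
# Compare-DownloadedBinary is a hypothetical helper name; both paths are placeholders.
function Compare-DownloadedBinary {
    param(
        [Parameter(Mandatory)] [string] $SuiteCopy,
        [Parameter(Mandatory)] [string] $StandaloneCopy
    )
    $ErrorActionPreference = 'Stop'   # a missing file should abort, not yield a partial report

    $report = foreach ($path in $SuiteCopy, $StandaloneCopy) {
        $sig = Get-AuthenticodeSignature -FilePath $path
        [pscustomobject]@{
            Path      = $path
            SHA256    = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
            # 'Valid' = the signed hash matches the file and the certificate chain is trusted
            SigStatus = $sig.Status
            # $null when the file carries no signature at all
            Signer    = $sig.SignerCertificate.Subject
            Version   = (Get-Item -LiteralPath $path).VersionInfo.FileVersion
        }
    }
    $report   # emit the per-file details first

    $sameBytes = $report[0].SHA256 -eq $report[1].SHA256
    $allValid  = @($report | Where-Object { $_.SigStatus -ne 'Valid' }).Count -eq 0

    if ($sameBytes -and $allValid) {
        'Identical, validly signed files: the two scan results differ, not the binary.'
    }
    elseif ($allValid) {
        # Different hashes alone do not mean tampering: the suite and the
        # standalone download can carry different builds of the same tool.
        'Different builds, both validly signed: compare Version and Signer.'
    }
    else {
        'At least one copy fails signature validation: do not run it; download again and re-check.'
    }
}

# Usage (placeholder paths):
# Compare-DownloadedBinary -SuiteCopy '.\SysinternalsSuite\pendmoves.exe' `
#                          -StandaloneCopy '.\PendMoves\pendmoves.exe'
```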