False Positive: Android SDK AVD Manager.exe


5 replies to this topic

#1 trparky

trparky

    New Member

  • Members
  • Pip
  • 35 posts
  • Gender:Male
  • Location:Cleveland, OH, USA
  • Interests:Programming (PHP and MySQL), Computer Repair, etc.

Posted 30 April 2012 - 11:16 AM

I had MalwareBytes pop up an alert about AVD Manager.exe from the Android SDK.

I checked VirusTotal for the MD5 signature of 43EFBE2A0EC17D683EED2FB9884F1F6F and according to these results, I have to say that it can't be a threat.

#2 trparky

Posted 30 April 2012 - 11:20 AM

Crap... I don't think it attached the file in question.

#3 miekiemoes

miekiemoes

    Forum Deity

  • Administrators
  • PipPipPipPipPipPip
  • 7,676 posts
  • Gender:Female
  • Location:Belgium

Posted 30 April 2012 - 11:31 AM

Hi,

Thanks for reporting this. This is indeed a false positive and will be fixed in the next update.
Mieke Verburgh
Director of Research

#4 trparky

Posted 30 April 2012 - 11:58 AM

There is a second SDK Manager.exe file on my computer; that file's MD5 is D8CA27D7648276F40A7663145480E45C.

#5 trparky

Posted 30 April 2012 - 11:59 AM

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.30.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Tom :: TOMSDESKTOPI7 [administrator]

Protection: Enabled

4/30/2012 12:19:20 PM
mbam-log-2012-04-30 (12-58-53).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 289611
Time elapsed: 1 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Tom\AppData\Local\Temp\temp-android-tool\lib\SDK Manager.exe (Backdoor.Agent.DGen) -> No action taken. [0cf1aefd47156dc99ea15f425da34fb1]

(end)

#6 miekiemoes

Posted 30 April 2012 - 12:03 PM

Hi,

The second file is also detected with the same generic detection as the first one, so it has been fixed in the latest update (which was pushed out a few minutes ago) :)
Mieke Verburgh
Director of Research
