Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer

False/Positive (LogiDPPApp.exe) [SOLVED by db 1617]


Recommended Posts

After updating to the lastest 1.4.5 version and the new definition file 1615 I received a Trojan.Agent alert on file LogiDPPApp.exe. This file was an update from Logitech, Inc. on May 14th for their Webcam Pro 9000.

 

I checked the properties on this file and it has a digital signature from Logitech, Inc.

 

Please find the saved file information below:

 

IObit Security 360

 

OS:Windows Vista

Version:1.4.5.67

Define Version:1615

Time Elapsed:00:00:54

Objects Scanned:46554

Threats Found:1

 

|Name|Type|Description|ID|

Trojan.Agent, File, C:\Windows\system32\LogiDPPApp.exe, 12-312

 

I have added this file to the ignore list until you can correct your definition file.

 

Thanks,

 

Les Bater

Link to comment
Share on other sites

After updating to the lastest 1.4.5 version and the new definition file 1615 I received a Trojan.Agent alert on file LogiDPPApp.exe. This file was an update from Logitech, Inc. on May 14th for their Webcam Pro 9000.

 

I checked the properties on this file and it has a digital signature from Logitech, Inc.

 

Please find the saved file information below:

 

IObit Security 360

 

OS:Windows Vista

Version:1.4.5.67

Define Version:1615

Time Elapsed:00:00:54

Objects Scanned:46554

Threats Found:1

 

|Name|Type|Description|ID|

Trojan.Agent, File, C:\Windows\system32\LogiDPPApp.exe, 12-312

 

I have added this file to the ignore list until you can correct your definition file.

 

Thanks,

 

Les Bater

 

Hi LesBater

 

Thanks for your feedbcak.

 

You can upload to http://www.wikisend.com or send us your suspicious file(LogiDPPApp.exe), and then we can further investigate it. At the same time, you can upload your suspicious file to http://www.virustotal.com for analyzing, and post your analysis report.

 

We are looking forward to your reply.

Link to comment
Share on other sites

False/Positive on LogiDPPApp.exe

 

Hi LesBater

 

Thanks for your feedbcak.

 

You can upload to http://www.wikisend.com or send us your suspicious file(LogiDPPApp.exe), and then we can further investigate it. At the same time, you can upload your suspicious file to http://www.virustotal.com for analyzing, and post your analysis report.

 

We are looking forward to your reply.

 

I have attachted a PDF of the Virus Report from virustotal.com for your review.

 

thanks,

 

 

Les Bater

Link to comment
Share on other sites

False/Positive onLogiDPPApp.exe

 

I have attachted a PDF of the Virus Report from virustotal.com for your review.

 

thanks,

 

 

Les Bater

 

I don't know what happened to the attachment, but I will try again as an rar file.

 

Les Bater

Link to comment
Share on other sites

Hi LesBater

 

Thanks for your feedbcak.

 

You can upload to http://www.wikisend.com or send us your suspicious file(LogiDPPApp.exe), and then we can further investigate it. At the same time, you can upload your suspicious file to http://www.virustotal.com for analyzing, and post your analysis report.

 

We are looking forward to your reply.

 

Here is the report in HTML.

 

File LogiDPPApp.exe received on 2010.06.22 18:51:46 (UTC)Antivirus Version Last Update Result

a-squared 5.0.0.30 2010.06.22 -

AhnLab-V3 2010.06.22.02 2010.06.22 -

AntiVir 8.2.2.6 2010.06.22 -

Antiy-AVL 2.0.3.7 2010.06.22 -

Authentium 5.2.0.5 2010.06.22 -

Avast 4.8.1351.0 2010.06.22 -

Avast5 5.0.332.0 2010.06.22 -

AVG 9.0.0.787 2010.06.22 -

BitDefender 7.2 2010.06.22 -

CAT-QuickHeal 10.00 2010.06.22 -

ClamAV 0.96.0.3-git 2010.06.22 -

Comodo 5185 2010.06.22 -

DrWeb 5.0.2.03300 2010.06.22 -

eSafe 7.0.17.0 2010.06.22 -

eTrust-Vet 36.1.7658 2010.06.22 -

F-Prot 4.6.1.107 2010.06.21 -

F-Secure 9.0.15370.0 2010.06.22 -

Fortinet 4.1.133.0 2010.06.22 -

GData 21 2010.06.22 -

Ikarus T3.1.1.84.0 2010.06.22 -

Jiangmin 13.0.900 2010.06.15 -

Kaspersky 7.0.0.125 2010.06.22 -

McAfee 5.400.0.1158 2010.06.22 -

McAfee-GW-Edition 2010.1 2010.06.22 -

Microsoft 1.5902 2010.06.22 -

NOD32 5219 2010.06.22 -

Norman 6.05.10 2010.06.22 -

nProtect 2010-06-22.01 2010.06.22 -

Panda 10.0.2.7 2010.06.22 -

PCTools 7.0.3.5 2010.06.22 -

Rising 22.53.01.04 2010.06.22 -

Sophos 4.54.0 2010.06.22 -

Sunbelt 6489 2010.06.22 -

Symantec 20101.1.0.89 2010.06.22 -

TheHacker 6.5.2.0.302 2010.06.22 -

TrendMicro 9.120.0.1004 2010.06.22 -

TrendMicro-HouseCall 9.120.0.1004 2010.06.22 -

VBA32 3.12.12.5 2010.06.22 -

ViRobot 2010.6.21.3896 2010.06.22 -

VirusBuster 5.0.27.0 2010.06.22 -

 

Additional information

File size: 102744 bytes

MD5   : 1d330a91cf163af1fd9db70c1b977544

SHA1  : e1490f64eac42f12e8d60b4a35000480c2c5ee53

SHA256: 28aab105afa2e4988fde9994e2d9aaa0d87d4078c5469df9475eebdae9275a10

PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x11B5<BR>timedatestamp.....: 0x4BEDC68D (Fri May 14 23:54:21 2010)<BR>machinetype.......: 0x14C (Intel I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x62F5 0x6400 6.58 0c361435b7ea41d44cb3ef85766197f9<BR>.rdata 0x8000 0x1CA8 0x1E00 5.38 80b7559436ac9e65c15ba5ab571606f1<BR>.data 0xA000 0x1A7C 0xE00 2.30 ddf2e34b07c865565b48e3954d738940<BR>.rsrc 0xC000 0xE68C 0xE800 4.82 c116ba578dcc8bd447e2aef9ea596276<BR><BR>( 3 imports )<BR><BR>> kernel32.dll: SetLastError, CreateMutexW, GetLastError, LCMapStringW, LCMapStringA, GetStringTypeW, MultiByteToWideChar, GetStringTypeA, WideCharToMultiByte, GetLocaleInfoA, GetStartupInfoW, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetModuleHandleW, Sleep, GetProcAddress, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, GetModuleFileNameW, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineW, SetHandleCount, GetFileType, GetStartupInfoA, DeleteCriticalSection, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, GetCurrentThreadId, InterlockedDecrement, HeapCreate, VirtualFree, HeapFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, LeaveCriticalSection, EnterCriticalSection, LoadLibraryA, InitializeCriticalSectionAndSpinCount, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, HeapAlloc, VirtualAlloc, HeapReAlloc, RtlUnwind, HeapSize<BR>> logidpp.dll: InvokeDriverPropPanel<BR>> user32.dll: PostQuitMessage, EndPaint, BeginPaint, DefWindowProcW, DestroyWindow, EndDialog, DialogBoxParamW<BR><BR>( 0 exports )<BR>

TrID  : File type identification<BR>Win32 Executable MS Visual C++ (generic) (75.0%)<BR>Win32 Executable Generic (16.9%)<BR>Generic Win/DOS Executable (3.9%)<BR>DOS Executable Generic (3.9%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

ssdeep: 1536:tEshLsODCUUDInm2g2ZMxR2dR//bqPWmgazCG:t3hLsvU2z2ZYRezqPWmRH

sigcheck: publisher....: Logitech Inc.<BR>copyright....: © 1996-2010 Logitech. All rights reserved.<BR>product......: Logitech Webcam Software<BR>description..: Device property page component<BR>original name: LogiDPPApp.exe<BR>internal name: LogiDPPApp.exe<BR>file version.: 13.00.1783.0<BR>comments.....: n/a<BR>signers......: Logitech Inc<BR>VeriSign Class 3 Code Signing 2009-2 CA<BR>Class 3 Public Primary Certification Authority<BR>signing date.: 11:56 PM 5/14/2010<BR>verified.....: -<BR>

PEiD  : -

RDS   : NSRL Reference Data Set<BR>-

 

 

Thanks,

 

Les Bater

Link to comment
Share on other sites

Here is the report in HTML.

 

File LogiDPPApp.exe received on 2010.06.22 18:51:46 (UTC)Antivirus Version Last Update Result

a-squared 5.0.0.30 2010.06.22 -

AhnLab-V3 2010.06.22.02 2010.06.22 -

AntiVir 8.2.2.6 2010.06.22 -

Antiy-AVL 2.0.3.7 2010.06.22 -

Authentium 5.2.0.5 2010.06.22 -

Avast 4.8.1351.0 2010.06.22 -

Avast5 5.0.332.0 2010.06.22 -

AVG 9.0.0.787 2010.06.22 -

BitDefender 7.2 2010.06.22 -

CAT-QuickHeal 10.00 2010.06.22 -

ClamAV 0.96.0.3-git 2010.06.22 -

Comodo 5185 2010.06.22 -

DrWeb 5.0.2.03300 2010.06.22 -

eSafe 7.0.17.0 2010.06.22 -

eTrust-Vet 36.1.7658 2010.06.22 -

F-Prot 4.6.1.107 2010.06.21 -

F-Secure 9.0.15370.0 2010.06.22 -

Fortinet 4.1.133.0 2010.06.22 -

GData 21 2010.06.22 -

Ikarus T3.1.1.84.0 2010.06.22 -

Jiangmin 13.0.900 2010.06.15 -

Kaspersky 7.0.0.125 2010.06.22 -

McAfee 5.400.0.1158 2010.06.22 -

McAfee-GW-Edition 2010.1 2010.06.22 -

Microsoft 1.5902 2010.06.22 -

NOD32 5219 2010.06.22 -

Norman 6.05.10 2010.06.22 -

nProtect 2010-06-22.01 2010.06.22 -

Panda 10.0.2.7 2010.06.22 -

PCTools 7.0.3.5 2010.06.22 -

Rising 22.53.01.04 2010.06.22 -

Sophos 4.54.0 2010.06.22 -

Sunbelt 6489 2010.06.22 -

Symantec 20101.1.0.89 2010.06.22 -

TheHacker 6.5.2.0.302 2010.06.22 -

TrendMicro 9.120.0.1004 2010.06.22 -

TrendMicro-HouseCall 9.120.0.1004 2010.06.22 -

VBA32 3.12.12.5 2010.06.22 -

ViRobot 2010.6.21.3896 2010.06.22 -

VirusBuster 5.0.27.0 2010.06.22 -

 

Additional information

File size: 102744 bytes

MD5   : 1d330a91cf163af1fd9db70c1b977544

SHA1  : e1490f64eac42f12e8d60b4a35000480c2c5ee53

SHA256: 28aab105afa2e4988fde9994e2d9aaa0d87d4078c5469df9475eebdae9275a10

PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x11B5<BR>timedatestamp.....: 0x4BEDC68D (Fri May 14 23:54:21 2010)<BR>machinetype.......: 0x14C (Intel I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x62F5 0x6400 6.58 0c361435b7ea41d44cb3ef85766197f9<BR>.rdata 0x8000 0x1CA8 0x1E00 5.38 80b7559436ac9e65c15ba5ab571606f1<BR>.data 0xA000 0x1A7C 0xE00 2.30 ddf2e34b07c865565b48e3954d738940<BR>.rsrc 0xC000 0xE68C 0xE800 4.82 c116ba578dcc8bd447e2aef9ea596276<BR><BR>( 3 imports )<BR><BR>> kernel32.dll: SetLastError, CreateMutexW, GetLastError, LCMapStringW, LCMapStringA, GetStringTypeW, MultiByteToWideChar, GetStringTypeA, WideCharToMultiByte, GetLocaleInfoA, GetStartupInfoW, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetModuleHandleW, Sleep, GetProcAddress, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, GetModuleFileNameW, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineW, SetHandleCount, GetFileType, GetStartupInfoA, DeleteCriticalSection, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, GetCurrentThreadId, InterlockedDecrement, HeapCreate, VirtualFree, HeapFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, LeaveCriticalSection, EnterCriticalSection, LoadLibraryA, InitializeCriticalSectionAndSpinCount, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, HeapAlloc, VirtualAlloc, HeapReAlloc, RtlUnwind, HeapSize<BR>> logidpp.dll: InvokeDriverPropPanel<BR>> user32.dll: PostQuitMessage, EndPaint, BeginPaint, DefWindowProcW, DestroyWindow, EndDialog, DialogBoxParamW<BR><BR>( 0 exports )<BR>

TrID  : File type identification<BR>Win32 Executable MS Visual C++ (generic) (75.0%)<BR>Win32 Executable Generic (16.9%)<BR>Generic Win/DOS Executable (3.9%)<BR>DOS Executable Generic (3.9%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

ssdeep: 1536:tEshLsODCUUDInm2g2ZMxR2dR//bqPWmgazCG:t3hLsvU2z2ZYRezqPWmRH

sigcheck: publisher....: Logitech Inc.<BR>copyright....: © 1996-2010 Logitech. All rights reserved.<BR>product......: Logitech Webcam Software<BR>description..: Device property page component<BR>original name: LogiDPPApp.exe<BR>internal name: LogiDPPApp.exe<BR>file version.: 13.00.1783.0<BR>comments.....: n/a<BR>signers......: Logitech Inc<BR>VeriSign Class 3 Code Signing 2009-2 CA<BR>Class 3 Public Primary Certification Authority<BR>signing date.: 11:56 PM 5/14/2010<BR>verified.....: -<BR>

PEiD  : -

RDS   : NSRL Reference Data Set<BR>-

 

 

Thanks,

 

Les Bater

 

Hi les

 

thanks for your support.

this is a FP . We will solve this question in our later update 1617.

 

cheers.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...