SAS Malware Research

Members
  • Content count: 100
Everything posted by SAS Malware Research

  1. heuristic.backdoor.process

    Hello DxTrEm3Fx, Thank you for mentioning this false detection. I have adjusted the definition database and this file should no longer be detected as of database version 14148 (which will be released in the next few hours). Update to 14148 and scan again (a restart of SAS may be required). Please let me know if this solves your issue, or if you have any other questions or concerns. Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  2. False Positives for Renee

    Hello Miss Xie, These setup files bundle several unwanted programs along with them. In order for them to not be detected by SUPERAntiSpyware, you will need to use some other installer which does not bundle unwanted programs. Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  3. False positive: PCadB2AConverter

    Hello ivan.mataish, I have adjusted the definition database and this file should no longer be detected as of database version 14113, which will be published shortly. Please let me know if this solves your issue, or if you have any other questions or concerns. Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  4. PC Wizard systweakasp_c.exe

    Hello lascetic, After some investigation I've determined that PC Wizard should not be detected. I have adjusted the definition database and these files should no longer be detected as of database version 14068, which will be released shortly. Update to 14068 and scan again (a restart of SAS may be required). Please let me know if this file is still being detected, or if you have any other questions or concerns. Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  5. WMPPlus-2.8.exe and WMPTagPlus-2.6.exe false positives.

    Hello lascetic, Thank you for bringing this to our attention. I have adjusted the definition database and these files should no longer be detected as of database version 13474, which will be released shortly. Please let me know if you have any other questions or concerns, Gabe
  6. (Solved) Unlocker (1.9.2) - False Positive

    Hello One_II_Coding, Adware detections only let the user know that the file may display ads or have freeware bundled with it. Detections such as this do not remove the file automatically and are not displayed as critical threats. In order to no longer see this detection simply click the thumbs-up icon to the right of the detection and SAS should no longer detect the file in question. Please let me know if you have any other questions or concerns, Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  7. (Solved) Babylon Software - False Positive

    Hello Ran, Sorry about the wait - GuiltySpark was correct that the majority of the team was on holiday (myself included). I have adjusted the definition database and Babylon should no longer be detected by SUPERAntiSpyware as of database version 13263, which will be released within the next few hours. Update to version 13263 and scan again (a restart of SAS may be required). Please let me know if this solves your issue, or if you have any other questions or concerns. Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  8. Zotero standalone false positive?

    Hello wpc09, I believe I have found the cause of this false detection. I have adjusted the definition database and this file should no longer be detected as of database version 13263, which will be released within the next few hours. Update to 13263, restart SAS, and then re-attempt to install the Zotero app. Please let me know if this solves your problem, or if you have any other questions or concerns, Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  9. NSIS False Positive

    Hello MajorDude, Thank you for bringing this to our attention. I believe I have found the cause of this false detection. I have adjusted the definition database and this file should no longer be detected as of database version 13126 which was just released. Please let me know if you have any other questions or concerns, Gabe
  10. VulkanInfo false positive

    Very interesting. Try completely restarting SUPERAntiSpyware and scanning again. To fully close SAS, right-click the small bug icon on the right side of your taskbar then click exit. If these are still being detected after restarting SAS, I'd like you to submit a customer support ticket so we can get some more information and figure out what exactly is happening. Gabe
  11. VulkanInfo false positive

    Hello siliconman01, Thank you for letting us know about a possible false detection. Currently we do not detect the attached file. (note: both files attached are identical) It looks as if we already adjusted the definition database to deal with this false detection. I would suggest you update to the current database version (13045) and scan again. If these are still being detected, we can take further action to investigate. Please let me know if you have any other questions or concerns, Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  12. 'Manage Allowed Items' How does one add allowed items?

    Hello DBH, The first thing I'd like you to do is double-check the Excluded Folders in SUPERAntiSpyware to verify that the folder in question is indeed excluded. On the main screen click the System Tools button at the top, then click the Advanced Scan Settings button on the left. You should see the Modify Excluded File Locations button on the right. Is the folder in question listed in the Excluded Folders section? If not, click the Plus in the upper right and add the folder manually. Let me know if this solves your issue - if not I'll have you submit a customer support ticket and we can take a closer look at what's going on. Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  13. FP report

    Hello antimalware.guy, Thank you for bringing this to our attention. Our detection of this file as PUP.DownloadSponsor seems to match the other results on VirusTotal. If you wish to keep this file and no longer want to see it detected by SAS, simply click the thumbs-up icon to the right of the detection after a scan. Gabe
  14. PCgen

    Hello waxman80014, Thank you for reporting this false detection. I have adjusted the database and this file should no longer be detected as of database version 12851, which was just released. Update to 12851 and scan again (a restart of SAS may be required). Please let me know if you have any other questions or concerns, Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  15. False positive on nsis installer.

    Hello Kerry, Thank you for reporting this false detection. I have adjusted the database and this file should no longer be detected as of database version 12851, which was just released. Update to 12851 and scan again (a restart of SAS may be required). Please let me know if you have any other questions or concerns, Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  16. Shutdown Schedule

    Hello gegjr, I would suggest setting up a scheduled scan for the general time you would be turning your system off, such as when you go to bed. Make sure to check the 'Power down this PC when task is complete' checkbox and your system will shut down after the scan is complete. As far as scanning when exiting a browser, currently you would need to initiate the scan manually. Please let me know if this answers your question, or if you have any other questions or concerns, Gabe
  17. Game Trainer for Oilrush false positive?

    Hello Newbie12, I have adjusted the definition database and this file should no longer be detected as of database version 12384 (which is being released this morning). Update to 12384 and scan again (a restart of SAS may be required). Please let me know if you have any other questions or concerns, Gabe
  18. False Positive: RUIFltr.sys, RUINetf.sys +

    Hello LxCi, I do find it odd that the files are not in the quarantine, but perhaps they were removed by one of your other AV/Anti-Malware programs. Please fill out a customer support request and we will be able to send you a customized diagnostic which will give us more information about this detection and hopefully determine whether this is a false positive. Gabe
  19. False Positive: RUIFltr.sys, RUINetf.sys +

    Hello LxCi, The items which were removed should likely still be in your quarantine. Click the 'System Tools' button, then click the 'Quarantine' button. Items can be restored from there, then the next time they are detected simply click the thumbs-up icon to trust them and they will no longer be detected. Also, I would like you to submit a customer support request so we can get some more information about this detection. Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  20. false positive adskiller

    Hello, I installed the Ads-Killer extension on a machine and scanned with SAS but nothing was detected. I also tried to download the file you linked to, however the link does not work. I have also responded to your Customer Support Ticket. If you could please fix the link or email the file to the address I sent you in the support ticket I should be able to assist you. Gabe
  21. Some Moosik - please add to

  22. Cannot remove detected registry threat

    Hello rjzdanis, I would like you to submit a support ticket so we can get some more information about this detection. Gabe Burch
  23. Hello jloz66, I installed ConverterLite directly from their website however nothing was detected by SAS. I would like you to fill out a customer support ticket and we should be able to determine what is going on. Gabe Burch Primary Malware Researcher SUPERAntiSpyware
  24. oem.exe false positive

    Hello lascetic, I have done some investigation and I believe I have found the cause of this false detection. I have adjusted the definition database and this file should no longer be detected as of database version 12603, which was just released. Update to 12603 and scan again (a restart of SAS may be required). Please let me know if this resolves the false detection, or if you have any other questions or concerns. Gabe
  25. False positive in my own executable

    Hello IgorMarkovic, I have done some investigation and I believe I have found the cause of the false detection. I have adjusted the database and this file should no longer be detected as of database version 12512 (which will be released within the next hour or so). Update to 12512 and scan again (a restart of SAS may be required). Please let me know if this solves your problem, or if you have any other issues or concerns, Gabe