Jump to content
DarkButterfly

False positives?

Recommended Posts

Hi, since a few days ago that SAS (4.20.1026) detects a few malware in my machine, but it fails to remove them, as they keep coming up.

I tried other tools and none finds these malware.

I then booted with a VistaPE boot disk that I created bundled with other malware scanners, including SAS, that I made portable for this specific case.

SAS found the same malware threats, but this time, not in the C:\drive, but in the X:\ drive, which is VistaPE temporarily drive.

I then wondered if they couldn't be false positives. So, I tried SAS in a virtual machine.

I installed Windows Vista and SAS. I updated SAS and it found those malware threats on the virtual machine. How is that even possible? How is it possible that SAS detects its own signatures as malware?

This is the log:

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 08/23/2008 at 12:16 PM

Application Version : 4.20.1026

Core Rules Database Version : 3543

Trace Rules Database Version: 1532

Scan type : Complete Scan

Total Scan Time : 00:45:36

Memory items scanned : 526

Memory threats detected : 0

Registry items scanned : 7784

Registry threats detected : 0

File items scanned : 13164

File threats detected : 15

Rogue.Internet Antivirus

C:\Program Files\IA

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IA

Browser Hijacker.MJCore

C:\Program Files\Mjcore

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mjcore

Rogue.AntiVirus 2009

C:\Program Files\AV9

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV9

Browser Hijacker.WebTools

C:\Program Files\Webtools

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webtools

Browser Hijacker.Skra

C:\Program Files\Skra

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Skra

Trojan.XP Security Center

C:\Program Files\XPSecurityCenter

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPSecurityCenter

Adware.Media-Codec/ZLob

C:\Program Files\Applications

Rogue.AntivirAssistant

C:\ANTIVIRASISTANT

C:\ANTIVIRASSISTANT

Please advice me.

SAS is the only tool detecting them. No other tool can. I already uploaded Hijackthis and HijackFree logs, and as well other logs in a few security forums and they all say my system is clean.

Thanks

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×