Jump to content
pittstop

False Positive(?) can't report normally

Recommended Posts

I have two questions and looking through the forums I'm not finding the answer so I'm starting a new topic in the hopes someone can explain what is happening and the best course of action.

firstly. I ran a full system scan 2 days ago and found nothing, but out of curiosity I also immediately after ran a critical point scan. Following this second process I got a report similar to this one

Application Version : 5.0.1146

Core Rules Database Version : 8503

Trace Rules Database Version: 6315

Scan type : Critical Point Scan

Total Scan Time : 00:08:25

Operating System Information

Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)

Administrator

Memory items scanned : 692

Memory threats detected : 0

Registry items scanned : 29049

Registry threats detected : 1

File items scanned : 3645

File threats detected : 1

Trojan.Agent/Gen-Injector

[AzMixerSel] C:\PROGRAM FILES\REALTEK\INSTALLSHIELD\AZMIXERSEL.EXE

C:\PROGRAM FILES\REALTEK\INSTALLSHIELD\AZMIXERSEL.EXE

Basically it claims I have a trojan - trogan.agent/gen-injector to be specific.

I googled for the files it claims are infected "AZMIXERSEL.EXE" and all the information I have, regarding where in my computer this file was found, the configuration of my hardware, etc, that this file is most likely legit and not a trojan.

On the advice written in another conversation here, I removed the suspect file from the quarantine and attempted a second scan so that I might report it as a false positive. This is where my second problem occurred. The boxes to make the report were whited out, so my only options were to allow it or remove it again (which I did generating the attached report).

Full system scans are NOT reporting this file as suspicious ONLY critical point scans, which makes me more suspisious that this issue is a bug in the SUPERAntiSpyware programme itself.

As I cannot report this via the normal method, what advise can you give me as to how to proceed.

The file in question is an integral part of my REALTEX sound card and without it the audio could be compromised on my laptop, so I only want to permanently delete it if it is unquestionably suspect.

***

apologies for posting this in the general question section, I'm new here ans wasn't aware there was a specific false positives sub-section, however, since the second part of my inquiry relates to a potential issue with the scanner itself, I hope this will be ok.

Share this post


Link to post
Share on other sites

Please update your definitions, that was a FP from Tuesday which has fixed in the next definitions release that morning.

I updated and ran another scan this morning, the same issue occurred. Critical point scans are claiming the file is suspicious, but not allowing me to report it as a false positive, full system scans aren't finding anything. I ALWAYS update definitions daily or immediately before running a scan, so the critical point scans done today should not have found the false positive, but they have.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...