Jump to content
mikew_nt

Complete scan vs. context menu scan w/ FP

By mikew_nt, in False Positives

Recommended Posts

mikew_nt   

mikew_nt
Posted

I know Gen-Zbot is generally being recognized as a false positive off this weekend.

 

Updating definitions to latest has fixed one of my two, but there is one that remains when I do a complete scan.

 

Here is the weird thing: if I Complete Scan, it shows up.

 

If I right-click to scan (context menu scan, right?), it passes.

 

Please fix both the FP and this discrepency between Complete Scan and context menu scan.

 

And of course, Virus Total passes this same file 0/47 detections.

 

 

SUPERAntiSpyware Scan Log
https://www.superantispyware.com

Generated 05/28/2013 at 06:46 AM

Application Version : 5.6.1020

Core Rules Database Version : 10450
Trace Rules Database Version: 8262

Scan type       : Complete Scan
Total Scan Time : 00:01:13

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 813
Memory threats detected   : 1
Registry items scanned    : 32478
Registry threats detected : 0
File items scanned        : 4277
File threats detected     : 1

Trojan.Agent/Gen-Zbot
 C:\USERS\WALSH\APPDATA\LOCAL\TEMP\PDK-WALSH-4336\38A10EE333CF1A9AFEC3F0ACDF1BBEBC\SCAN.DLL
 C:\USERS\WALSH\APPDATA\LOCAL\TEMP\PDK-WALSH-4336\38A10EE333CF1A9AFEC3F0ACDF1BBEBC\SCAN.DLL

 

SUPERAntiSpyware Scan Log
https://www.superantispyware.com

Generated 05/28/2013 at 06:48 AM

Application Version : 5.6.1020

Core Rules Database Version : 10450
Trace Rules Database Version: 8262

Scan type       : Complete Scan
Total Scan Time : 00:00:00

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 0
Memory threats detected   : 0
Registry items scanned    : 0
Registry threats detected : 0
File items scanned        : 1
File threats detected     : 0

Share this post

Link to post
Share on other sites

mikew_nt   

mikew_nt
Posted

Sorry, one other piece of info.  I exited and restarted SAS twice, and finally rebooted. Still have FP in Complete Scan, but passes in context menu scan.

Share this post

Link to post
Share on other sites

GuiltySpark   

GuiltySpark
Posted

Those are temp files, download CCleaner free version (use custom install and check for any unwanted programs that may want to install themselves and UN-check them).

 

Run CCleaner and restart your computer then try to run a Full Scan.

Share this post

Link to post
Share on other sites

mikew_nt   

mikew_nt
Posted

Yep, I'm aware those are temp files and can probably just be deleted.

 

However, I put up the post to bring to SAS's attention the fact that the context menu scan and the Complete Scan are reporting inconsistently.

 

That is a bug/problem

 

PS: I'll probably not delete the temp file since it corresponds to a FP problem that SAS needs to fix.

 

Those are temp files, download CCleaner free version (use custom install and check for any unwanted programs that may want to install themselves and UN-check them).

 

Run CCleaner and restart your computer then try to run a Full Scan.

Share this post

Link to post
Share on other sites

mikew_nt   

mikew_nt
Posted

The FP is now gone with the latest updates, but I still would like an explanation from SAS why it passed on a context menu scan and did not pass on a Complete Scan.  Same exact file, I copied the path precisely.

 

It leads me to now question whether SAS is correctly scanning on context menu scanning.

 

SAS, please respond.

Share this post

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Go To Topic Listing
×
×
  • Create New...