MajorGeeks Support Forums


Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.


  #1  
Old 05-27-09, 06:23
On edge
Corporal
 
Join Date: Mar 2007
Location: Here and there
Posts: 248
Thanks: 6
Thanked 7 Times in 7 Posts
Default TrojanKiller = lots of false positives

I recently downloaded trojan killer 2 (I think it was freeware before), and ran a deep scan with heuristics after updating the definitions. As far as I can tell, it reported over 30 false threats/suspicions. But have a look:

Quote:
Name Status File Name
Trojan.Crypt Threat c:\windows\system32\vbaliml6.ocx
HEUR.TrojanDownloader.M Threat C:\WINDOWS\system32\BCMWLCPL.CPL
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\Adobe\Adobe Bridge CS3\browser\opera.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\Adobe\Adobe Bridge CS3\browser\OUniAnsi.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\Adobe\Adobe Device Central CS3\Required\Opera\Opera.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\Adobe\Adobe Device Central CS3\Required\Opera\ouniansi.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\Adobe\Adobe Device Central CS3\Required\Opera\spellcheck.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\AV_burnware\DVD Shrink\DVD Shrink 3.2.exe
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\AV_burnware\UltraISO\UltraISO.exe
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\AV_diagnostics and repair\JuiceSoft\BadCDDVDRecovery.exe
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\AV_diagnostics and repair\JuiceSoft\CreateISO.exe
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\AV_diagnostics and repair\JuiceSoft\MicBurnEn.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\AV_diagnostics and repair\JuiceSoft\MicBurnEng.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\AV_diagnostics and repair\JuiceSoft\MicBurnEngi.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\AV_diagnostics and repair\JuiceSoft\VirtualCD.exe
HEUR.TrojanDownloader.M Threat C:\Program Files\coolpro2\autoreg.dll
Trojan.Dropper.Small-88 Threat C:\Program Files\DIY DataRecovery CHK-Mate\CHK-Mate.exe
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\Evernote\EvernoteTray.exe
HEUR.TrojanDownloader.M Threat C:\Program Files\Inbox\CMailDll.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\IrfanView\Plugins\EAFSH.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\IrfanView\Plugins\FUNLTDIV.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\IrfanView\Plugins\LogoManager.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\IrfanView\Plugins\Mrc.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\IrfanView\Plugins\Vtf.dll
HEUR.TrojanDownloader.M Threat C:\Program Files\MAGIX\Audio_Cleaning_Lab_12\MagixOFA.dll
HEUR.Suspicious.UPACK Suspicious C:\Program Files\PE Explorer\pexnag.dll
HEUR.Suspicious.UPACK Suspicious C:\Program Files\PE Explorer\PLUGINS\pexlicense.dll
Malware.Sysguard Threat C:\Program Files\TeamViewer\Version4\install.exe
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\Universal Extractor\bin\xace.exe
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\Universal Viewer\amnani.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\Zoom Player\zplayer.exe
To be fair, I ran it Sandboxed (with Sandboxie) because I was testing it, but I don't think that matters. (Now I can just empty the Sandbox and it's gone without leaving any crap on my system proper).

In any case, let me know if you see something real on the list. The first entry is a "vbAccelerator Image List Control" (file description), and the second one is a "Broadcom Wireless Utility" (control panel extension). The rest are from programs I know and more or less trust.
__________________
Win7(64-bit): WFC, IObit Malware Defender, KeyScrambler, Drive Snapshot, Rollback Rx
Reply With Quote
  #2  
Old 05-29-09, 17:46
chaslang
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,620
Thanks: 62
Thanked 7,758 Times in 4,197 Posts
Default Re: TrojanKiller = lots of false positives

Many heuristic scanners have false positive issues. These fit into that category. The way they get fixed is when users report them to the designers. Otherwise they don't get fixed.
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Reply With Quote
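
Added example, not part of either post: a Python triage of the report format quoted in post #1. It separates packer-only heuristic hits from the other detections and counts hits per folder, so the files worth a second-opinion scan and a false-positive report to the vendor stand out. The bucket names and the reading of `HEUR.Suspicious.<packer>` as "flagged for the packer alone" are assumptions; the sample lines are an excerpt of the quoted report.

```python
import ntpath
import re
from collections import Counter

# Excerpt of the scan report quoted in post #1 (one detection per line).
REPORT = r"""
Name Status File Name
Trojan.Crypt Threat c:\windows\system32\vbaliml6.ocx
HEUR.TrojanDownloader.M Threat C:\WINDOWS\system32\BCMWLCPL.CPL
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\IrfanView\Plugins\EAFSH.dll
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\IrfanView\Plugins\Mrc.dll
HEUR.Suspicious.UPACK Suspicious C:\Program Files\PE Explorer\pexnag.dll
Malware.Sysguard Threat C:\Program Files\TeamViewer\Version4\install.exe
HEUR.Suspicious.ASPACK Suspicious C:\Program Files\Zoom Player\zplayer.exe
"""

# <detection name> <Threat|Suspicious> <path, may contain spaces>
LINE = re.compile(r"^(?P<name>\S+)\s+(?P<status>Threat|Suspicious)\s+(?P<path>.+)$")

def classify(name):
    """Bucket a detection name by the evidence it carries (assumed scheme)."""
    if name.startswith("HEUR.Suspicious."):
        return "packer-heuristic"    # names a packer (ASPACK/UPACK), not a malware family
    if name.startswith("HEUR."):
        return "generic-heuristic"   # heuristic guess at a malware class
    return "named-signature"         # signature match on a named family

def parse(report):
    rows = []
    for line in report.splitlines():
        m = LINE.match(line.strip())
        if m:  # blank lines and the column header do not match and are skipped
            rows.append({**m.groupdict(), "kind": classify(m["name"])})
    return rows

def triage(rows):
    """Return counts per bucket, files to verify first, and hit counts per folder."""
    counts = Counter(r["kind"] for r in rows)
    verify_first = [r["path"] for r in rows if r["kind"] != "packer-heuristic"]
    # Several hits in one product folder point at how that vendor builds its binaries.
    folders = Counter(ntpath.dirname(r["path"]).lower() for r in rows)
    return counts, verify_first, folders

if __name__ == "__main__":
    counts, verify_first, folders = triage(parse(REPORT))
    print(dict(counts))
    for path in verify_first:
        print("second opinion, then report to vendor if clean:", path)
    print([f for f, n in folders.items() if n > 1])
```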