Concerned about Sysprot anti-rootkit

Discussion in 'Malware Help (A Specialist Will Reply)' started by FtMindr, Dec 28, 2007.

  1. FtMindr

    FtMindr Private E-2

    Have downloaded "SysProt AntiRootkit 1.0.0.5 Beta" twice from Major Geeks and according to AVG Anti-Virus it contains a trojan. So submitted Sysprot to Virus Total and 9 out of 32 of its anti-malware/virus programs reported a problem.

    Here is the Virus Total report:-

    Antivirus Version Last Update Result
    AhnLab-V3 2007.12.29.10 2007.12.29 -
    AntiVir 7.6.0.46 2007.12.28 -
    Authentium 4.93.8 2007.12.29 -
    Avast 4.7.1098.0 2007.12.28 -
    AVG 7.5.0.516 2007.12.28 BackDoor.Generic9.JDD
    BitDefender 7.2 2007.12.29 -
    CAT-QuickHeal 9.00 2007.12.28 (Suspicious) - DNAScan
    ClamAV 0.91.2 2007.12.28 PUA.Packed.TeLock
    DrWeb 4.44.0.09170 2007.12.28 -
    eSafe 7.0.15.0 2007.12.27 suspicious Trojan/Worm
    eTrust-Vet 31.3.5410 2007.12.29 -
    Ewido 4.0 2007.12.28 -
    FileAdvisor 1 2007.12.29 -
    Fortinet 3.14.0.0 2007.12.28 -
    F-Prot 4.4.2.54 2007.12.28 -
    F-Secure 6.70.13030.0 2007.12.28 -
    Ikarus T3.1.1.15 2007.12.29 -
    Kaspersky 7.0.0.125 2007.12.29 -
    McAfee 5195 2007.12.28 BackDoor-BAC
    Microsoft 1.3109 2007.12.29 -
    NOD32v2 2754 2007.12.28 -
    Norman 5.80.02 2007.12.28 -
    Panda 9.0.0.4 2007.12.28 Suspicious file
    Prevx1 V2 2007.12.29 Heuristic: Suspicious Self Modifying EXE
    Rising 20.24.42.00 2007.12.28 -
    Sophos 4.24.0 2007.12.28 -
    Sunbelt 2.2.907.0 2007.12.28 VIPRE.Suspicious
    Symantec 10 2007.12.29 -
    TheHacker 6.2.9.174 2007.12.28 W32/Behav-Heuristic-066
    VBA32 3.12.2.5 2007.12.26 -
    VirusBuster 4.3.26:9 2007.12.28 -
    Webwasher-Gateway 6.6.2 2007.12.28 -
    Additional information
    File size: 157947 bytes
    MD5: 7b70d4a81ba5a41afc711402832984bc
    SHA1: 26a63f38f1a65deda529c66438040397cc47af1a
    PEiD: -
    packers: TeLock
    packers: PE_Patch, TeLock
    Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=13C18CC000EE649C80E0025C6E229100C8C81849
    Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

    Is this just a case of mistaken identity or what?
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    SysProt AntiRootkit is not infected. Many scanners will detect tools like this as potential problems (some say potentially unwanted tool) due to the nature of what the tools can be used to do. Many, many of the tools we use in malware removal will get hits like this. And in fact, many antivirus programs detect other antivirus programs or their files as malware too.

    Even your Prevx link stated the below:
     
    Last edited: Dec 30, 2007
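
An added example, not part of the thread and not MajorGeeks or VirusTotal code: a Python triage of rows from the report in the first post, separating generic, heuristic and packer-based verdicts from verdicts that name a specific family. The marker-word list and the function name `triage` are assumptions made for this illustration.

```python
import re

# Rows copied from the VirusTotal report in the first post (subset: all nine
# detections plus three clean results). Columns: engine, version, date, result.
REPORT = """\
AVG 7.5.0.516 2007.12.28 BackDoor.Generic9.JDD
BitDefender 7.2 2007.12.29 -
CAT-QuickHeal 9.00 2007.12.28 (Suspicious) - DNAScan
ClamAV 0.91.2 2007.12.28 PUA.Packed.TeLock
eSafe 7.0.15.0 2007.12.27 suspicious Trojan/Worm
Kaspersky 7.0.0.125 2007.12.29 -
McAfee 5195 2007.12.28 BackDoor-BAC
Panda 9.0.0.4 2007.12.28 Suspicious file
Prevx1 V2 2007.12.29 Heuristic: Suspicious Self Modifying EXE
Sunbelt 2.2.907.0 2007.12.28 VIPRE.Suspicious
Symantec 10 2007.12.29 -
TheHacker 6.2.9.174 2007.12.28 W32/Behav-Heuristic-066
"""

# engine, version, date (YYYY.MM.DD), then the free-text result
ROW = re.compile(r"^(\S+)\s+(\S+)\s+(\d{4}\.\d{2}\.\d{2})\s+(.+)$")
# Assumed marker words for non-specific verdicts; not a vendor-defined list.
GENERIC = re.compile(r"suspicious|heuristic|generic|packed|pua|dnascan", re.I)

def triage(report):
    """Split results into clean, generic/heuristic/packer, and named verdicts."""
    buckets = {"clean": [], "generic": [], "named": []}
    for line in report.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # skip headers and blank lines
        engine, _version, _date, result = m.groups()
        if result == "-":
            buckets["clean"].append(engine)
        elif GENERIC.search(result):
            buckets["generic"].append((engine, result))
        else:
            buckets["named"].append((engine, result))
    return buckets

if __name__ == "__main__":
    b = triage(REPORT)
    print(f"clean={len(b['clean'])} generic={len(b['generic'])} named={len(b['named'])}")
    for engine, result in b["generic"] + b["named"]:
        print(f"  {engine}: {result}")
```

The split only shows which verdicts rest on packing or heuristics rather than a specific signature; it does not by itself decide whether a file is safe.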
  3. FtMindr

    FtMindr Private E-2

    Hi

    Thanks for the reply.

    You have resolved my concerns regarding Sysprot.

    Regards,
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely.
     
