asquared false pos?

Discussion in 'other anti-trojan software' started by greg32, Sep 23, 2007.

Thread Status:
Not open for further replies.
  1. greg32

    greg32 Registered Member

    Joined:
    May 30, 2005
    Posts:
    47
    Hi, is anyone else getting asquared detecting the following below, and is this a false positive? These files have not been modified since 02/03/2005, and do not concern any of my other security apps, nor did they concern asquared previously. Could someone confirm this is a FP please.

    Cheers Greg

    a-squared Free - Version 3.0
    Last update: 24/09/2007 9:36:44 AM

    Scan settings:

    Objects: Memory, Traces, Cookies, D:\WINDOWS\, D:\Program Files
    Scan archives: On
    Heuristics: On
    ADS Scan: On

    Scan start: 24/09/2007 9:37:10 AM

    D:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe detected: Trojan-Dropper.Win32.Agent.bwg
    D:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe detected: Trojan-Dropper.Win32.Agent.bwg

    Scanned

    Files: 105400
    Traces: 327637
    Cookies: 6
    Processes: 45

    Found

    Files: 2
    Traces: 0
    Cookies: 0
    Processes: 0
    Registry keys: 0

    Scan end: 24/09/2007 10:04:42 AM
    Scan time: 12:27:32 AM
     
  2. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Can you upload the file to Virus Total?
    That's a good multi-scanner site and that may give you an idea.

    http://www.virustotal.com/

    Or you could ask at the A-Squared forum.
     
  3. greg32

    greg32 Registered Member

    Joined:
    May 30, 2005
    Posts:
    47
    Comes up all clean 'the tester'. Have been to the asquared forum, and someone has already posted this as a possible FP. Just wanted to see if others are having the same FP. This should be a common set of files on peoples computers, as it is part of a MS patch. My other computer also comes up with the same FP, so I am ignoring it as of now. Thanks

    Cheers Greg
     
Thread Status:
Not open for further replies.