Question Kaspersky one time scan tool false positive?

mangaman

Reputable
Jun 13, 2015
512
42
5,190
78
The one time scan tool from Kaspersky detected the program PAExec.exe, but after further investigation it's a false positive. It's a legit program from Power Admin and only 5 out of 69 scanners in VirusTotal detected it as a virus. However, Kaspersky also detected a Trojan.Multi.GenAutorunReg.a in the system memory. Could is also be another false positive from the PAExec.exe? Avast, Malwarebytes and Hitman Pro never detected it.

So what the heck is going on?


 

mangaman

Reputable
Jun 13, 2015
512
42
5,190
78
Trojan.Multi.GenAutorunReg.a ...Is usualy a legit virus , not a FP.
But avast, malwarebytes and hitman pro did not detect it. I also do not have any specious programs on my computer, nor do I download random websites. Kaspersky wont tell me were the trojan originated from.

Process explorer does say that the Adobe Acrobat Update Service has a VirusTotal score of 1/68. Looking into it on the VirusTotal website, an anitvirus called TACHYON detected it as a Trojan/W32.Agent.88136.B, but the other 67 anti-viruses said that it was fine.

Other than that, the programs from process explore come back as clean.
 
Many of the malware scanners are going to dislike any remote admin/monitoring tools....; I don't remember getting any hits from Teamviewer, but, Kaspersky certainly dislikes Ammy, AeroAdmin, and Uvnc; does not mean the tools are illegit, they are just being ID'd for you as being installed. If you are OK with it, are sure of the source code, simply add them as exclusions.
 

mangaman

Reputable
Jun 13, 2015
512
42
5,190
78
Many of the malware scanners are going to dislike any remote admin/monitoring tools....; I don't remember getting any hits from Teamviewer, but, Kaspersky certainly dislikes Ammy, AeroAdmin, and Uvnc; does not mean the tools are illegit, they are just being ID'd for you as being installed. If you are OK with it, are sure of the source code, simply add them as exclusions.
I also scanned my hard drive with the Kaspersky one time scanner, and it said that DDU (Display Driver Uninstaller) was infected, but in fact it's not. Avast, Malwarebytes and even HitMan Pro all report back as clean. I've been using DDU for years and never had any major issues.

So I honestly don't know what's up with the Kaspersky one time scan tool.

 

ASK THE COMMUNITY

TRENDING THREADS