Dear fellow experts, I was experimenting with 2 following customed Mod for my testing Android device from XDA forum , which i encounterd 2 types of possible malware according to virus total, However, mbar-1.08.3.1004 rootkit (defination updated) stated my system was cleaned after completion of scanning process. I do not ask for any kind of removal advice in this section, just want to know if virustotal has a habit of flagging up false positives in this case. My Testing sandboxed system : Windows 7 starter edition ( netbook/ Dual partition with Linux remix) /ESET NOD 32; version 7 updated >> already marked both files as infected //Super Antivirus free version , so yeh no real protection here with this software/Comodo firewall installed , running under sandbox. TouchwizRES_V2.0 >> CRC32: 16916867 MD5: 4EAFE30EBB32003E0040B6E522DB3CDE SHA-1: 1925FDF6AEFE8E2835910454BA3D5262CBAB7296 System > App> CallRecorder.apk SHA256: 77fed0e20c430730c5a79d8c42f4dde2e9af980108380f0dcf af30b59588191d File name: 96c0568b04aaa7b2a37b21fe73d1ed69.apk Detection ratio: 16 / 56 Analysis date: 2015-01-22 13:42:07 UTC ( 1 week, 5 days ago ) https://www.virustotal.com/en/file/77fed0e20c430730c5a79d8c42f4dde2e9af980108380f0dcfaf30b59588191d/analysis/ [Aroma] Ace-i-Sure 12.0.0 >> CRC32: 596F10E2 MD5: A366F77A61D9D8463A50F283A8A9A74A SHA-1: 5F70794E1157A2EDFC41E287BF6354E7D3B02FBD aroma>app>Uninstall_Master.apk SHA256: 810f99b4ad132f530b12b564e0ae39c0504f9647babf48375d dab7a2bd1d4ca0 File name: b4d09f52d8b32d89b5a1e1f7e0a69c35.apk Detection ratio: 18 / 57 Analysis date: 2015-01-13 15:01:42 UTC ( 3 weeks ago ) https://www.virustotal.com/en/file/810f99b4ad132f530b12b564e0ae39c0504f9647babf48375ddab7a2bd1d4ca0/analysis/ZIP the entire contents (ALL the files, not just .LOG) of the MBAE logs directory as instructed. Regards Logs.rar Quarantine.rar