Jump to content

False positive with SiS graphics adapter


YoKenny1
 Share

Recommended Posts

With the latest update definitions I am getting a false on my SiS graphics adapter

t2861_sis.png

Malwarebytes' Anti-Malware 1.34

Database version: 1752

Windows 5.1.2600 Service Pack 3

2/12/2009 12:57:18 AM

mbam-log-2009-02-12 (00-57-11).txt

Scan type: Quick Scan

Objects scanned: 55863

Time elapsed: 3 minute(s), 27 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sispower (Trojan.Agent) -> No action taken.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

This is with the /developer switch

Malwarebytes' Anti-Malware 1.34

Database version: 1753

Windows 5.1.2600 Service Pack 3

2/12/2009 7:21:27 AM

mbam-log-2009-02-12 (07-21-18).txt

Scan type: Quick Scan

Objects scanned: 56969

Time elapsed: 3 minute(s), 5 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sispower (Trojan.Agent) -> No action taken. [3857535134305383807566791534727079851301414438586445483634456446343641424738615

24839535634513861467468838084807185615674796980888461368683837079855570838474807

9

6151867993113232323011838679697777201915708970113232323215697777117011]

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Awww.....For God's sake!

Thank your for this thread. I've got the same problem (Log below)

In the past Malwarebytes didn't found anything. I was so scared, as I've seen, that my SiS-Data (it's my MoBo-Constructor) should be infected.

Now I'm pretty eased. I hope, it's definitely a false positive.

A friend of mine reported another false positive with the latest database: He said, if he is checking in Spybot S&D the box under IE-Settings in the expert screen, where he can decide, that the IE-homepage can't changed by nobody (to avoid hijackers) - MBAM says it's a hijacker. As he unchecked it and ran another full system scan, there was no "infected" object anymore.

Here's my log, looks exactly like above:

Malwarebytes' Anti-Malware 1.34

Datenbank Version: 1753

Windows 5.1.2600 Service Pack 3

12.02.2009 15:19:08

mbam-log-2009-02-12 (15-19-03).txt

Scan-Methode: Vollst

Link to post
Share on other sites

I verify that the False Positive with SiS video graphics is fixed on my XP Home system.

Malwarebytes' Anti-Malware 1.34

Database version: 1757

Windows 5.1.2600 Service Pack 3

2/13/2009 4:49:52 AM

mbam-log-2009-02-13 (04-49-52).txt

Scan type: Quick Scan

Objects scanned: 55891

Time elapsed: 4 minute(s), 30 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Thank you.

Link to post
Share on other sites

How do ik put the Registry value back? I doubt whether this really was an infection when I scanned. But quarantined it anyway to be sure. I searched the Internet after that. Then I restored the value in Malwarebytes. But when I look in the registry now it is not there!!!

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sispower

I hope someone can help me!!!!

Link to post
Share on other sites

Do you have the Tray Utilities installed?

http://www.sis.com/download/agreement.php?url=/download

Go to start then All Programs then SiS VGA Utilities then Utility Tray to start the Tray application.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.