http://forum.avast.com/index.php?topic=34709.msg310168#msg310168
http://forum.avast.com/index.php?topic=42852.msg358088#msg358088
You’re not alone. I just got the same thing. I scan every night before going to bed. This popped up last night for me. Also, I looked at the file’s date was in 2005. Super is a known false positive.
Hi posters in this thread,
As the find is generic, that means the flagging is because of a find of generic malware-like characteristics, and it is flagged by 5 scanners at virustotal.com it would be a coincidence that all av products flagged the same FP, it would hold this in quarantine for the time being,
SAS flagged this file December of last year, and the discussion then went along the following lines:
If this is associated with the file Windows\MOTA113.EXE, I am FAIRLY sure AT THIS POINT that it is also a false positive. I am keeping up with the SAS discussion forum on this topic.I have quarantined the file MOTA113.EXE and have seen no different behavior from my computer – but I am ready to restore the file if the folks at SAS determine that it is actually a FP.
You could do a full SAS scan and see if it flags it: http://www.superantispyware.com/superantispywarefreevspro.html
polonus
False positive has now been confirmed.
Fixed with the latest VPS update - 090224-0.
Thanks Avast!!!
anyway, it is not good to pack legit software under three layers (1× PECompact and 2× tElock) :
Hello Maxx_Original,
Thank you for your response. I’m not sure if you are an Avast employee. I am extremely satisfied with Avast Anti-virus.
Could you possibly elaborate on the tElock layer a little? I remember seeing that word in the false positive.
Unfortunately I am not that up to speed with computers.
Thanks for your time.
Avastfan1
bullseye, i’m the member of avast viruslab…
tElock is a PE packer+protector written by one of the greatest scene rockers - tHE EGOiSTE (tE!) from TMG - more than 9 years ago… it was publicly available for download (there were also some private versions) and offered a high level of protection for those users, which were not able to protect their applications with own scheme… also malware authors noticed the strength of tElock protection and started to using it to hide their nasty work… tElock itself is not malicious (even when some AV engines detect it as malware packer), but i can’t see any reason to pack legit software in multiple layers (one strong is enough imho) and i consider these files as potentially riskful (off course when i have no relation to the source of the file)…
this link http://en.wikipedia.org/wiki/Executable_compression could give you some general informations…