SUPERAntispyware Strange Results!! HELP!!

MUN39

New Member
Hey peeps

I recently restored a stone laptop (Windows 7 OS) to its built-in original factory settings, and built up some security defenses by downloading free versions of legitimate versions of Avast, Malwarebytes, SUPERAntiSpyware, Advanced SystemCare 4 and CCleaner. Everything seemed to be OK until I ran SUPERAntiSpyware and it picked up 2 items called

Trojan.Agent/Gen-SVC [Fake]

I closed the scan, rebooted the system... and ran the scan again to find that these two items had returned. I've done this several times, repeating these actions, but still the Trojan.Agent/Gen-SVC [Fake] returns. IS IT A VIRUS???

When SUPERAntiSpyware runs through the process of removing these items, it finds them in the following file paths.

c:\windows\configsetroot\$oem$\$$\oem\ sysprep1.exe
c:\windows\oem\ sysprep1.exe

Please help, have I got a virus? If so, help me get rid of it, it's confusing me.

Thanks peeps
 
My SUPERANTISPYWARE LOG

These are my log files

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/24/2011 at 10:59 AM

Application Version : 4.53.1000

Core Rules Database Version : 6999
Trace Rules Database Version: 4811

Scan type : Quick Scan
Total Scan Time : 00:08:34

Memory items scanned : 688
Memory threats detected : 0
Registry items scanned : 2469
Registry threats detected : 0
File items scanned : 7274
File threats detected : 2

Trojan.Agent/Gen-SVC[Fake]
C:\WINDOWS\CONFIGSETROOT\$OEM$\$$\OEM\SYSPREP1.EXE
C:\WINDOWS\OEM\SYSPREP1.EXE
 
What do you mean by false positives? I have sent it to be examined but heard nothing back as of yet. I have run Malwarebytes but it finds nothing. I'll run it again now and post the log.

Thank you for the reply
 
Malwarebytes log

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6661

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

24/05/2011 13:36:17
mbam-log-2011-05-24 (13-36-17).txt

Scan type: Quick scan
Objects scanned: 141585
Time elapsed: 2 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
With the location of the file where it's at, it's most likely a false positive, meaning it's harmless. Now, it's possible that if that file was located somewhere else on your system then it could be harmful.

To be sure upload each of those files to this site and give me the link to the results.

www.virustotal.com
 
Results

MD5 : 7229caa0a900eb81b396710d118c5f15
SHA1 : 9086501a3690ffcbb7e899a98283de6207e8c615
SHA256: 635becc154c62fcf35967ba15f0d953122b49efc4a33fedab74e46f4f06882d1
ssdeep: 12:Qy5hVZteAxDZaW+AN+ikCDUABeAxDZaW+AN23MikY2N2Dn:QChVTessAN+uDUABessAN28k2sn
File size : 534 bytes
First seen: 2011-05-24 17:51:38
Last seen : 2011-05-24 17:51:38

TrID:
Windows Registry Data (Ver. 5.0 - UTF16) (96.8%)
Text - UTF-16 (LE) encoded (2.0%)
MP3 audio (1.0%)
Lumena CEL bitmap (0.0%)
Corel Photo Paint (0.0%)

sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

packers (F-Prot): Unicode
 
That's not what I wanted. When you upload each of those files to VirusTotal, it will take you to a results page. Copy and paste the link from your browser for both results into your next reply.
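A local check that can be run on each flagged file before uploading it, added here as an example and not part of the original thread: it computes the MD5, SHA1 and SHA256 values that appear in the pasted results and sniffs the leading bytes to tell a PE executable from UTF-16 registry data (the type TrID reported above). The function names and the sample files are constructed for illustration; the real sysprep1.exe is not used.

```python
import hashlib
import tempfile
from pathlib import Path

# A regedit v5 export is UTF-16 LE: byte-order mark, then this header text.
REG5_MAGIC = b"\xff\xfe" + "Windows Registry Editor Version 5.00".encode("utf-16-le")

def sniff_type(head: bytes) -> str:
    """Classify a file from its leading bytes, ignoring its extension."""
    if head[:2] == b"MZ":
        return "pe-executable"
    if head.startswith(REG5_MAGIC):
        return "registry-data-utf16"
    if head[:2] == b"\xff\xfe":
        return "text-utf16le"
    return "unknown"

def triage(path) -> dict:
    """Return size, sniffed type and the three hashes VirusTotal lists."""
    digests = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    size, head = 0, b""
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            head = head or chunk[:128]
            size += len(chunk)
            for digest in digests.values():
                digest.update(chunk)
    report = {name: digest.hexdigest() for name, digest in digests.items()}
    report.update(size=size, type=sniff_type(head))
    return report

def demo() -> dict:
    """Triage constructed sample files (stand-ins, not the real sysprep1.exe)."""
    pe_stub = b"MZ" + b"\x00" * 62
    reg_text = "\r\n\r\n[HKEY_CURRENT_USER\\Software\\Example]\r\n"
    samples = {
        "oem_copy_1.exe": pe_stub,
        "oem_copy_2.exe": pe_stub,
        "mislabelled.exe": REG5_MAGIC + reg_text.encode("utf-16-le"),
    }
    with tempfile.TemporaryDirectory() as tmp:
        reports = {}
        for name, data in samples.items():
            Path(tmp, name).write_bytes(data)
            reports[name] = triage(Path(tmp, name))
    return reports

if __name__ == "__main__":
    print(demo())
```

Matching SHA256 values for the two paths mean both are the same file, so one upload covers both; a type other than "pe-executable" means the file being submitted is not the flagged program itself.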
 