
View Full Version : HTASTOP is a RAT?


Checkout
January 27th, 2003, 02:20 PM
I've just run PestPatrol with the latest update, and it's alerted in HTASTOP - as a trojan.

This is really hard to believe, since I downloaded it from a link here at Wilders! It says SkdRemover 1.0 (whatever that is). PestPatrol's Pest Verification Token is 1255152715.

Can anyone confirm or disprove this, please?

spy1
January 27th, 2003, 02:28 PM
lol!

My money's on "Another FP from our friends at PP!" Pete

Checkout
January 27th, 2003, 02:35 PM
Thanks, Pete - for a while there I thought I was in danger of either growing up or slipping back into reality. :)

snowy
January 27th, 2003, 02:43 PM
Checkout

echoing what Pete said.........the below may be of some interest.....it "MAY" be an aka for what you mentioned......not sure this is allowed....mods can remove if need be: I think there is "one" removal tool specifically for this trojan:......any AT should do it


Name: SkyDance
Aliases: SKD,
Ports: 4000 (port can be changed)
Files: Skydance2.16b.zip - 267,013 bytes Skydance2_20bf.zip - 292,637 bytes Skydance2.23b.zip - 296,332 bytes Skydance2_25bf.zip - 303,060 bytes Skydance2.29b.zip - Skyserver 2.16 beta release.exe - 163,840 bytes Skyserver 2.20 beta release.exe - 172,032 bytes Skydance 2.16 beta release.exe - 409,600 bytes Skydance 2.20 beta release.exe - 430,080 bytes Hskdl.dll - 36,864 bytes Skd.exe - Skd.dll - Skdl.dll - Mail.vbs - Activex-security-off.vbs - Starturl.vbs - Regkey.vbs - Regkey.txt - ??? bytes
Created: April 2000
Requires: N/A
Actions: Remote Access
Among the information this trojan steals is a copy of all registry settings.
Versions: 2.0, 2.01, 2.15b, 2.16b, 2.20b, 2.291b, 2.23b, 2.25b, 2.29b,
Registers: HLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Notes: Works on Windows 95, 98, ME and NT. Password = Skydance.
Country: N/A
Program: Written in C++.

Checkout
January 27th, 2003, 02:49 PM
Thanks, Snowman. I'm running a TDS3 Deep Scan right now, and I'm pretty confident that it won't find a thing. I find it easier to believe TDS than PP...

snowy
January 27th, 2003, 03:03 PM
Checkout

you are always most welcome....by the way..last year on another machine I ran htaStop and never noticed any adverse traffic...........

sig
January 27th, 2003, 03:13 PM
HTASTOP, if I remember correctly, is produced by the BOClean folks. No, it's not a RAT and think about it, it's not good for business for an AT company to either produce or be accused of producing a RAT. I'd trust the BOClean people over PP any day.

It is, however, if I recall correctly, not the first time I've seen reports that PP identifies a competitor's product (or a component thereof) as suspect.

ZZZ7
January 27th, 2003, 07:22 PM
http://www.nsclean.com/htastop.html

why even use a program like PP........it's pathetic!

Tassie_Devils
January 27th, 2003, 10:05 PM
I have used HTAStop for over 2 years now and have run literally dozens upon dozens of scans with TDS3, Spybot [when I got it a few weeks ago] and I even had *PestPatrol* for a while and not one single peep.

FALSE ALARM CONTROLLER, I WILL BET MY HOUSE KEYS ON IT.

puff-m-d
January 27th, 2003, 10:20 PM
Hello all,

I agree that HTAStop is a false positive. I have been using it for over a year with both TDS and TrojanHunter, and neither one has ever alarmed on it.

I believe the new version of PP has a problem with false positives. Patrick has been having a problem with PP alarming on parts of his SpyBot S&D, and from what I have read PP does not seem to care to fix the problem, as Patrick has been trying to get them to fix it for a while now...

Just my two cents worth ;D ....

Regards,
Kent

Paul Wilders
January 28th, 2003, 04:20 AM
False positive - no need to worry ;).

regards,

paul