SuperAntispyware scan reprised...

Discussion in 'other anti-malware software' started by Tarnak, Nov 7, 2010.

Thread Status:
Not open for further replies.
  1. Tarnak
    Offline

    Tarnak Registered Member

    I refer to my earlier post -SuperAntispyware scan- which has been closed >
    http://www.wilderssecurity.com/showthread.php?t=280625

    This is my first scan since, and it still shows some remaining FP's, even though I had previously reported via the program GUI as described in the "Frequently Asked Questions" here > http://www.superantispyware.com/supportfaqdisplay.html?faq=28

    FWIW, here is the latest scan:

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 11/07/2010 at 06:01 PM

    Application Version : 4.45.1000

    Core Rules Database Version : 5821
    Trace Rules Database Version: 3633

    Scan type : Quick Scan
    Total Scan Time : 02:50:38

    Memory items scanned : 477
    Memory threats detected : 0
    Registry items scanned : 1645
    Registry threats detected : 2
    File items scanned : 166292
    File threats detected : 20

    Security.HiJack[ImageFileExecutionOptions]
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TASKMGR.EXE
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TASKMGR.EXE#Debugger

    Trojan.Agent/Gen-Koobface[Bonkers]
    C:\PROGRAM FILES\FILEMAP BY BB V405\UNINSTAL.EXE
    C:\$ISR\1\DOCUMENTS AND SETTINGS\<My Name>\START MENU\PROGRAMS\FILEMAP BY BB VER 4.0.5\UNINSTAL FILEMAP.LNK
    C:\$ISR\1\PROGRAM FILES\FILEMAP BY BB V405\UNINSTAL.EXE
    C:\$ISR\2\DOCUMENTS AND SETTINGS\<My Name>\START MENU\PROGRAMS\FILEMAP BY BB VER 4.0.5\UNINSTAL FILEMAP.LNK
    C:\$ISR\2\PROGRAM FILES\FILEMAP BY BB V405\UNINSTAL.EXE
    C:\$ISR\3\DOCUMENTS AND SETTINGS\<My Name>\START MENU\PROGRAMS\FILEMAP BY BB VER 4.0.5\UNINSTAL FILEMAP.LNK
    C:\$ISR\3\PROGRAM FILES\FILEMAP BY BB V405\UNINSTAL.EXE
    C:\$ISR\4\DOCUMENTS AND SETTINGS\<My Name>\START MENU\PROGRAMS\FILEMAP BY BB VER 4.0.5\UNINSTAL FILEMAP.LNK
    C:\$ISR\4\PROGRAM FILES\FILEMAP BY BB V405\UNINSTAL.EXE
    C:\$ISR\5\DOCUMENTS AND SETTINGS\<My Name>\START MENU\PROGRAMS\FILEMAP BY BB VER 4.0.5\UNINSTAL FILEMAP.LNK
    C:\$ISR\5\PROGRAM FILES\FILEMAP BY BB V405\UNINSTAL.EXE
    C:\$ISR\6\COPY OF EXTERNAL\TODAY 061207\BACKUPS\PROGRAM FILES\FILEMAP BY BB V404\FILEMAP.EXE
    C:\$ISR\6\COPY OF EXTERNAL\TODAY 061207\BACKUPS\PROGRAM FILES\FILEMAP BY BB V404\UNINSTAL.EXE
    C:\$ISR\6\DOCUMENTS AND SETTINGS\<My Name>\START MENU\PROGRAMS\FILEMAP BY BB VER 4.0.5\UNINSTAL FILEMAP.LNK
    C:\$ISR\6\PROGRAM FILES\FILEMAP BY BB V405\UNINSTAL.EXE
    C:\$ISR\7\DOCUMENTS AND SETTINGS\<My Name>\START MENU\PROGRAMS\FILEMAP BY BB VER 4.0.5\UNINSTAL FILEMAP.LNK
    C:\$ISR\7\PROGRAM FILES\FILEMAP BY BB V405\UNINSTAL.EXE
    C:\DOCUMENTS AND SETTINGS\<My Name>\START MENU\PROGRAMS\FILEMAP BY BB VER 4.0.5\UNINSTAL FILEMAP.LNK

    It is frustrating to still be seeing these same FP's month's later. One can be forgiven for not wanting to run a scan that often. :(

    edit: omitted word added
    Last edited: Nov 7, 2010
  2. SUPERAntiSpy
    Offline

    SUPERAntiSpy Developer

    Please send me the file personally and I'll make sure it's taken care of - you can send it to nicks AT superantispyware.com - put the subject as "FALSE POSITIVE" and I'll make sure it gets taken care of - as for the Taskmanager registry key - you should allow/trust that if you are using software that modifies it as it's attacked often by malware so we detect changes (as do others) to it.

    We are always here to help and more than happy to address this or any issue for you!
  3. Tarnak
    Offline

    Tarnak Registered Member

    Thanks, Nick :) ...email sent.
  4. SUPERAntiSpy
    Offline

    SUPERAntiSpy Developer

    Got it! It will be taken care of right away - it will be within 24 hours - don't every hesitate to contact me on the forums or direct if something is not getting taken care of!
  5. Tarnak
    Offline

    Tarnak Registered Member

    Will do!...Thanks once again. ;)
  6. SUPERAntiSpy
    Offline

    SUPERAntiSpy Developer

    This was resolved in this AM's release - let me know if you still have any problems!
  7. Saraceno
    Offline

    Saraceno Registered Member

    Nick, I know a large update is around the corner, looking forward to it. May I ask, any other news/updates for us Wilders folk? :)
  8. Tarnak
    Offline

    Tarnak Registered Member

    Details of my last scan...I don't consider these to be problems. ;)

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 11/09/2010 at 11:17 AM

    Application Version : 4.45.1000

    Core Rules Database Version : 5827
    Trace Rules Database Version: 3639

    Scan type : Quick Scan
    Total Scan Time : 03:06:34

    Memory items scanned : 176
    Memory threats detected : 0
    Registry items scanned : 1692
    Registry threats detected : 2
    File items scanned : 163588
    File threats detected : 2

    Security.HiJack[ImageFileExecutionOptions]
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TASKMGR.EXE
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TASKMGR.EXE#Debugger

    Trojan.Backdoor-Shell
    C:\$ISR\4\DLLHIJACK\DLLHIJACKAUDITKIT\RUNCALC.EXE
    C:\$ISR\4\DLLHIJACK\DLLHIJACKAUDITKIT\RUNTEST.EXE
  9. Tarnak
    Offline

    Tarnak Registered Member

Thread Status:
Not open for further replies.