Superantispyware found unknown trojan

Superantispyware found unknown trojan
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Anti-Virus Software    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Superantispyware found unknown trojan vix 08-16-2006
Posted by vix on August 16, 2006, 6:10 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
my superantisyware found trojan.unknown origin

the only programme iv recently installed is spyware terminator a few
days ago


can someone plz tell me where this has come from, just so i know, btw
it was found in the registry, here is the results

SUPERAntiSpyware Scan Log
Generated 08/16/2006 at 10:31 PM

Core Rules Database Version : 3055
Trace Rules Database Version: 1101

Memory threats detected : 0
Registry threats detected : 43
File threats detected : 0

Trojan.Unknown Origin
        HKCR\InetCtls.Inet
        HKCR\InetCtls.Inet\CLSID
        HKCR\InetCtls.Inet\CurVer
        HKCR\InetCtls.Inet.1
        HKCR\InetCtls.Inet.1\CLSID
        HKCR\CLSID\
        HKCR\CLSID\\Control
        HKCR\CLSID\\Implemented
Categories
        HKCR\CLSID\\Implemented
Categories\
        HKCR\CLSID\\Implemented
Categories\
        HKCR\CLSID\\Implemented
Categories\
        HKCR\CLSID\\Implemented
Categories\
        HKCR\CLSID\\Implemented
Categories\
        HKCR\CLSID\\InprocServer32
        HKCR\CLSID\\InprocServer32#ThreadingModel
        HKCR\CLSID\\MiscStatus
        HKCR\CLSID\\MiscStatus
        HKCR\CLSID\\ProgID
        HKCR\CLSID\\Programmable
        HKCR\CLSID\\ToolboxBitmap32
        HKCR\CLSID\\TypeLib
        HKCR\CLSID\\Version
        HKCR\CLSID\\VersionIndependentProgID
        HKCR\CLSID\
        HKCR\CLSID\\InprocServer32
        HKCR\CLSID\
        HKCR\CLSID\\InprocServer32
        HKCR\TypeLib\
        HKCR\TypeLib\.0
        HKCR\TypeLib\.0
        HKCR\TypeLib\.0\win32
        HKCR\TypeLib\.0\FLAGS
        HKCR\TypeLib\.0\HELPDIR
        HKCR\Interface\
        HKCR\Interface\\ProxyStubClsid
        HKCR\Interface\\ProxyStubClsid32
        HKCR\Interface\\TypeLib
        HKCR\Interface\\TypeLib#Version
        HKCR\Interface\
        HKCR\Interface\\ProxyStubClsid
        HKCR\Interface\\ProxyStubClsid32
        HKCR\Interface\\TypeLib
        HKCR\Interface\\TypeLib#Version


Posted by David H. Lipman on August 16, 2006, 6:28 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

| my superantisyware found trojan.unknown origin
|
| the only programme iv recently installed is spyware terminator a few
| days ago
|
| can someone plz tell me where this has come from, just so i know, btw
| it was found in the registry, here is the results
|
| SUPERAntiSpyware Scan Log
| Generated 08/16/2006 at 10:31 PM
|
| Core Rules Database Version : 3055
| Trace Rules Database Version: 1101
|
| Memory threats detected : 0
| Registry threats detected : 43
| File threats detected : 0
|
| Trojan.Unknown Origin
| HKCR\InetCtls.Inet
| HKCR\InetCtls.Inet\CLSID
| HKCR\InetCtls.Inet\CurVer
| HKCR\InetCtls.Inet.1
| HKCR\InetCtls.Inet.1\CLSID
| HKCR\CLSID\

< snip >

Troj/Angelfre-D -- http://www.sophos.com/virusinfo/analyses/trojangelfred.html
SpywareStormer --
http://www.symantec.com/security_response/writeup.jsp?docid=2006-012014-1039-99&tabid=2
Spyware.PCPolice --
http://www.symantec.com/security_response/writeup.jsp?docid=2005-062014-5447-99&tabid=2

http://searchg.symantec.com/search?q=InetCtls.Inet&context=ent&src=sea&output=xml_no_dtd&ie=UTF-8&oe=UTF-8&client=symc_en_US&proxystylesheet=symc_en_US&site=symc_en_US


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by Nick Skrepetos on August 16, 2006, 7:01 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

vix wrote:
> my superantisyware found trojan.unknown origin
>
> the only programme iv recently installed is spyware terminator a few
> days ago
>
>
> can someone plz tell me where this has come from, just so i know, btw
> it was found in the registry, here is the results
>
> SUPERAntiSpyware Scan Log
> Generated 08/16/2006 at 10:31 PM
>
> Core Rules Database Version : 3055
> Trace Rules Database Version: 1101
>
> Memory threats detected : 0
> Registry threats detected : 43
> File threats detected : 0
>
> Trojan.Unknown Origin
>         HKCR\InetCtls.Inet
>         HKCR\InetCtls.Inet\CLSID
>         HKCR\InetCtls.Inet\CurVer
>         HKCR\InetCtls.Inet.1
>         HKCR\InetCtls.Inet.1\CLSID
>         HKCR\CLSID\
>         HKCR\CLSID\\Control
>         HKCR\CLSID\\Implemented
> Categories
>         HKCR\CLSID\\Implemented
> Categories\
>         HKCR\CLSID\\Implemented
> Categories\
>         HKCR\CLSID\\Implemented
> Categories\
>         HKCR\CLSID\\Implemented
> Categories\
>         HKCR\CLSID\\Implemented
> Categories\
>         HKCR\CLSID\\InprocServer32
>
        HKCR\CLSID\\InprocServer32#ThreadingModel
>         HKCR\CLSID\\MiscStatus
>         HKCR\CLSID\\MiscStatus
>         HKCR\CLSID\\ProgID
>         HKCR\CLSID\\Programmable
>         HKCR\CLSID\\ToolboxBitmap32
>         HKCR\CLSID\\TypeLib
>         HKCR\CLSID\\Version
>         HKCR\CLSID\\VersionIndependentProgID
>         HKCR\CLSID\
>         HKCR\CLSID\\InprocServer32
>         HKCR\CLSID\
>         HKCR\CLSID\\InprocServer32
>         HKCR\TypeLib\
>         HKCR\TypeLib\.0
>         HKCR\TypeLib\.0
>         HKCR\TypeLib\.0\win32
>         HKCR\TypeLib\.0\FLAGS
>         HKCR\TypeLib\.0\HELPDIR
>         HKCR\Interface\
>         HKCR\Interface\\ProxyStubClsid
>         HKCR\Interface\\ProxyStubClsid32
>         HKCR\Interface\\TypeLib
>         HKCR\Interface\\TypeLib#Version
>         HKCR\Interface\
>         HKCR\Interface\\ProxyStubClsid
>         HKCR\Interface\\ProxyStubClsid32
>         HKCR\Interface\\TypeLib
>         HKCR\Interface\\TypeLib#Version

Vix - that may have been a false positive, did you update your
defintions prior to scanning? Make sure you have Core : 3055 and Trace
: 1102 and re-scan.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com


Posted by optikl on August 16, 2006, 10:50 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Nick Skrepetos wrote:

> Vix - that may have been a false positive, did you update your
> defintions prior to scanning? Make sure you have Core : 3055 and Trace
> : 1102 and re-scan.
>
> Nick Skrepetos
> SUPERAntiSpyware.com
> http://www.superantispyware.com
>

Nick, not many developers, I believe, would even admit to the
possibility of an FP. Your candor is refreshing.

Posted by Nick Skrepetos on August 17, 2006, 2:45 am
If you were  Registered and logged in, you could reply and use other advanced thread options

optikl wrote:
> Nick Skrepetos wrote:
>
> > Vix - that may have been a false positive, did you update your
> > defintions prior to scanning? Make sure you have Core : 3055 and Trace
> > : 1102 and re-scan.
> >
> > Nick Skrepetos
> > SUPERAntiSpyware.com
> > http://www.superantispyware.com
> >
>
> Nick, not many developers, I believe, would even admit to the
> possibility of an FP. Your candor is refreshing.

Thank you for the compliment. False Positives are a reality in our
business, so I don't feel there is a need to hide that fact - the real
issue is how fast they are dealt with - in our case we have real-time
false positive reporting built into the product, so it was reported and
removed within one hour of initial release.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com


Similar ThreadsPosted
SuperAntiSpyware calls Burn4Free file a Trojan April 14, 2008, 4:38 pm
Unknown trojan August 16, 2005, 11:46 am
Found A Trojan! September 1, 2005, 10:19 am
has anyone found trojan-backdoor-soundcheck ? November 8, 2005, 11:42 am
Trojan Horse found in SAVCE 10.2 April 4, 2008, 7:55 am
Trojan Horse TR/Drop.Joi.aj.68.A found in "Stellarium.exe" v0.6.2 September 13, 2005, 12:27 pm
Superantispyware?! July 22, 2007, 10:56 pm
Nick's SUPERAntiSpyware March 23, 2006, 11:20 pm
OT:SuperAntiSpyware Update March 3, 2008, 4:23 pm
Unknown Virus, Please Help December 2, 2005, 3:45 pm

The site map in XML format XML site map

Contact Us | Privacy Policy