Jump to content
Sign in to follow this  
redex

SuperAntiSpyware Malware Not Existing Directories Also SSCProt.dll

Recommended Posts

redex   

Hi, when I scan with superantispyware,  it comes up with directories and files on the scanner that say that they exist, and if I search them up on google they are malware, but they don't exist when I go to the directory on my computer. Am I infected with malware? Superantispyware says my system is clean on completion of a scan. My malware definition update is 13379, and superantispyware version is 6.0.1236. Here are some examples:

(x86) s-1-5-20\software\zango

C:/program files(x86)/newdotnet

(x86) wav6com.av office protect

(x86) software/Microsoft/windows/current version/uninstall/Alert Spy

C:/program files(x86) / spy heal

C:windows/ocenuxos.bin

(x86) interface/EE836B19-1991-4951-918D-479DB2F0B693}

C:/users/my-username/appdata/roaming/Microsoft/windows/startmenu/programs/unigray antivirus

C:/program files (x86) / anti spy check 2.3

(x86) s-1-5-18 /software/total secure 2009

(x86) s-1-5-18/ software/GAV

C:/users/my-username/startmenu/programs/antivirus plasma

C:/users/my-username/appdata/roaming/ microsoft/IE/ quick launch/ virus trigger 2.1.link

These all don't appear on my system when I go to the locations. I think (x86) is hkey/local machine? But I'm not sure. 

Also, when I ran system investigator, it came up with sscprot.DLL and with an invalid signature.

It also came up with 5mxxxzbr.dll in my %temp% folder.

Thanks for reading! I hope that you get back to me soon =)

Share this post


Link to post
Share on other sites

They could be trace files left over from installers and such.

If you're really worried then you could download FRST 

Download the appropriate version for your system and save it to your desktop inside a folder called FRST.

Run the program and attach the two log files.

Share this post


Link to post
Share on other sites
redex   

This is an offline only computer. I dont remember downloading any of these malware. I have run antivirus & super anti spyware and they find nothing. When I placed frst onto the desktop & ran it, it said that publisher was unknown. I'm not sure if its supposed to say publisher unknown. I have attached files to this post. 

My documents when I go to it, it has two my music, my pictures & my videos if I go to the directory in paint. If I go to the directory in explorer, it says permission denied to go to the folders.

FRST.txt

Addition.txt

superantispyware.png

Share this post


Link to post
Share on other sites

Hi redex

I'm not sure about that pic as it appears to be overlayed a few times, but the frst log shows a couple of issues not much to worry about though. Copy this text log to a notepad and save it as Fixlist to the frst folder.

Quote

Start

CreateRestorePoint:

CloseProcesses:

Emptytemp:

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

CMD: ipconfig /flushdns

End

Select Run Fix

 

After that I would suggest uninstalling BKAV as you don't need it when you're already running Avira.

Share this post


Link to post
Share on other sites
redex   

Hi, I overlayed the picture myself with paint. It was to show you the different scans that superantispyware went through. Is this normal behavior of super anti spyware to tell you its scanning directories and files that don't exist? I could give you full screenshots if you don't believe me that superantispyware went through those scans. 

Also, is frst supposed to be publisher unknown? What happens when you try to run it as administrator? Does it give a valid certificate? 

I saw that google was mentioned, why would I have google on my computer when I don't have anything with Google installed?

I'll try the fix tomorrow. Thanks for your help so far! =)

Share this post


Link to post
Share on other sites

The publisher unknown is a possibility in Win 10 although it should say Farbar. You should always select Run as Administrator when using this program.

It is a safe program and one I use quite a bit.

I believe those pics are genuine I was just asking about the overlay in case you had a RAM issue.

Google will always be on a system somewhere you'd be surprised just where you can find their components.

Share this post


Link to post
Share on other sites
redex   

Hi, I ran the fixlist, thanks. I run windows 8 build 9200. Is it possible for farbar to say publisher unknown on windows 8 too? It isn't a virus causing that? 

Is it normal behavior of super anti spyware to tell you its scanning directories and files that don't exist?

Also, when I boot my computer desktop.ini opens when I get to the desktop.

Thanks again! =)

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×