Jump to content

JimBob59

Members
  • Content Count

    7
  • Joined

  • Last visited

About JimBob59

  • Rank
    Newbie
  1. Peter: Oh for crying out loud.... That's where I picked it up then .......... I use the SysInternals PE program ... Sheezzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
  2. It appears it was indeed a false positive. I updated with the latest SAS signatures this morning and re-ran the scan and Taskman was not mentioned in the results window - just some tracking cookies. I checked my registry just to be sure nothing else had modifed the key and the key was still there with the same 0000 value ... but is no longer being flagged.
  3. Peter: Interesting ... that guy does not say one way or the other if there was actually a key value in his Taskman key from what I read. Did I miss it?
  4. I've got nut'n as yet.... If I understand correctly the "Taskman" key allows the Winlogon process to load an additional task manager type program which may be required for special situations. Typically there is none. I think if there is none specified usually the key does not exist at all. So the fact that our systems have this key installed (even with apparently a zero value) may be why SAS is pushing the alarm button. I'm not sure if we should panic or not
  5. I'm been using SAS only for a short time but have run perhaps 20 or so daily scans. I always check for updates first. Yesterday in addition to the typical cookies, I had one other entry: Malware.Trace HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon#Taskman but there is no entry after it.... I went into the registry and opened the Taskman key and when looking at it in normal mode it appears blank. When I edit in binary it shows as: "0000 " What's going on here? Thoughts appreciated!
×
×
  • Create New...