Jump to content

K1234

Members
  • Content Count

    5
  • Joined

  • Last visited

About K1234

  • Rank
    Newbie
  1. https://www.virustot...sis/1346408680/ Is Open Install some sort of adware? Is this file safe?
  2. Are all of these detections related? Thanks
  3. I have reason to believe that Tune Up 2012 (which optimizes and fiddles with registry) is causing false positives. The only active Virus Protection I run is Microsoft Security Essentials. Everything has been running at full speed. Last night I decided to run other Virus Scanners just to be safe and I found a ton of Security.Hijack viruses in "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\". This user had the same problem as well: http://forums.supera...ositive-or-not/ Is this a false positive and if not did I take the right steps to remove this virus? All the scans below are the most recent versions. MSE: No threats found. TDSS Killer: No threats found. Malwarebytes: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccleaner.exe HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iTunes.exe ESET Online Scanner: No threats found. SuperAntiSpyware: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 07/10/2012 at 03:11 PM Application Version : 5.5.1012 Core Rules Database Version : 8876 Trace Rules Database Version: 6688 Scan type : Complete Scan Total Scan Time : 00:56:40 Operating System Information Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601) UAC On - Administrator Memory items scanned : 690 Memory threats detected : 0 Registry items scanned : 36790 Registry threats detected : 61 File items scanned : 51601 File threats detected : 179 Security.HiJack[imageFileExecutionOptions] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ACRORD32.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ACRORD32.EXE#DisableExceptionChainValidation HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ACRORD32.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AMD OVERDRIVE.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AMD OVERDRIVE.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ASC.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ASC.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DPLAUNCH.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DPLAUNCH.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HIREZGAMESDIAGANDSUPPORT.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HIREZGAMESDIAGANDSUPPORT.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HIREZLAUNCHERUI.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HIREZLAUNCHERUI.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HPWUCLI.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HPWUCLI.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMPULSEMINI.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMPULSEMINI.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMPULSENOW.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMPULSENOW.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LU5.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LU5.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NVSTLINK.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NVSTLINK.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NVSTVIEW.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NVSTVIEW.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PICTUREVIEWER.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PICTUREVIEWER.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QS.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QS.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QUICKSTART.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QUICKSTART.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QUICKTIMEPLAYER.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QUICKTIMEPLAYER.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SBASE.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SBASE.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCALC.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCALC.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDRAW.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDRAW.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SIMPRESS.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SIMPRESS.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SLIMDRIVERS.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SLIMDRIVERS.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SMATH.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SMATH.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SOFFICE.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SOFFICE.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SUC12_UNINSTAL.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SUC12_UNINSTAL.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SWRITER.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SWRITER.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TOOLBOX.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TOOLBOX.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TURBOBOOST.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TURBOBOOST.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UNINS000.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UNINS000.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UNINST.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UNINST.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ZUNE.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ZUNE.EXE#Debugger Combofix: Said something about C\Install.exe - didn't say infected.
×
×
  • Create New...