Jump to content

MichaW

Members
  • Content Count

    20
  • Joined

  • Last visited

About MichaW

  • Rank
    Member
  1. Hello,i deleted the cookie several times from the above mentioned folder and the recycle bin as well but after having restarted the pc again, this cookie comes back, now with the name "656JPF1H.txt [ /xiti.com ]" and SAS is not able to delete this cookie. There must be any application which brings with this kind of cookie. Michael EDIT: Meanwhile, i found out, where the problem comes from. Several days ago i updated due to security issues IE 10 to IE 11. Now i blocked all cookies within IE 11 and the problem with xiti.com has gone. Thank you guys for your assistance and excuse me for my bad english language.
  2. Hi, meanwhile i restarted my pc several times, deleted this ccokie via SAS, but the same cookie always comes up after each restart although i haven't used internet. I have no idea, where this cookie comes from. Michael
  3. Hello, above mentioned file is recognized by SAS as Tracking Cookie which cannot be deleted. Scan report by SAS: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 11/14/2013 at 05:06 PM Application Version : 5.6.1042 Core Rules Database Version : 10889 Trace Rules Database Version: 8701 Scan type : Quick Scan Total Scan Time : 00:00:11 Operating System Information Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601) UAC Off - Administrator Memory items scanned : 145 Memory threats detected : 0 Registry items scanned : 53022 Registry threats detected : 0 File items scanned : 5338 File threats detected : 1 Adware.Tracking Cookie C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Cookies\XPD8C61E.txt [ /xiti.com ] Nevertheless, the same file, checked with Virustotal, is only recognized by PANDA and not by SAS. Scan report by Virustotal: SHA256: 40ab26aefe7c341e22db5a46beb090f8556cb2b1040d3be6552862cdb7782ac4 Dateiname: XPD8C61E.txt Erkennungsrate: 1 / 45 Analyse-Datum: 2013-11-14 16:08:05 UTC ( vor 1 Minute ) 0 0 Analyse Zusätzliche Informationen Kommentare Bewertungen Antivirus Ergebnis Aktualisierung Agnitum 20131113 AhnLab-V3 20131114 AntiVir 20131114 Antiy-AVL 20131114 Avast 20131114 AVG 20131114 Baidu-International 20131114 BitDefender 20131114 Bkav 20131114 ByteHero 20131111 CAT-QuickHeal 20131114 ClamAV 20131114 Commtouch 20131114 Comodo 20131114 DrWeb 20131114 Emsisoft 20131114 ESET-NOD32 20131114 F-Prot 20131114 F-Secure 20131114 Fortinet 20131114 GData 20131114 Ikarus 20131114 Jiangmin 20131114 K7AntiVirus 20131114 K7GW 20131114 Kaspersky 20131114 Kingsoft 20130829 Malwarebytes 20131114 McAfee 20131114 McAfee-GW-Edition 20131114 Microsoft None MicroWorld-eScan 20131114 NANO-Antivirus 20131114 Norman 20131114 nProtect 20131114 Panda Cookie/Xiti 20131114 Rising 20131114 Sophos 20131114 SUPERAntiSpyware 20131114 Symantec 20131114 TheHacker 20131114 TotalDefense 20131114 TrendMicro 20131114 TrendMicro-HouseCall 20131114 VBA32 20131114 VIPRE 20131114 ViRobot 20131114 XPD8C61E.txt
  4. Sorry, you are totally right, but the manual update only shows the updated virus definitions but not the programm update itself. And actually the latest version of SAS is 5.6.1040 and i'm still working with 5.6.1032 ! "Automatic Updates check for program and definition updates every 8 hours. Manual Only" Best regards Michael
  5. Hello, when will users receive the latest version 5.6.1040 of SUPERAntiSpyware Free Edition via automatic update? I'm still working with version 5.6.1032 Thanks Michael
  6. Hello SAS, why isn't it possible, that nobody from SAS replies to my previous question????? On a daily basis is sent the scan logs directly to SAS but nobody cares about it. The same story we had in August last year. https://forums.superantispyware.com/index.php?/topic/4113-securityhijackimagefileexecutionoptions/ Michael
  7. Hello SAS, would someone from SAS provide an answer please? Thanks Michael
  8. Hello, pls check attached registry entries which seem to be F/P's Nothing was found by: NIS 2011 MBAM A2 Spyware Terminator Spybot Windoes Defender Virus Total HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BACKITUP.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BACKITUP.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CDSPEED.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CDSPEED.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\COVERDES.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\COVERDES.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRIVESPEED.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRIVESPEED.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATER.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATER.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMAGEDRIVE.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMAGEDRIVE.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\INFOTOOL.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\INFOTOOL.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NERO.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NERO.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROHOME.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROHOME.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROMEDIAHOME.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROMEDIAHOME.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROSCOUTOPTIONS.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROSCOUTOPTIONS.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROSTARTSMART.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROSTARTSMART.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROVISION.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NEROVISION.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PHOTOSNAP.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PHOTOSNAP.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PHOTOSNAPVIEWER.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PHOTOSNAPVIEWER.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RECODE.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RECODE.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUPX.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUPX.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SHOWTIME.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SHOWTIME.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SOUNDTRAX.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SOUNDTRAX.EXE#Debugger HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WAVEEDIT.EXE HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WAVEEDIT.EXE#Debugger Thanks Michael
  9. Hello, after the latest update the same file will be recognized as malware. Is this now a F/P or not? No reply received from SAS although file was sent for checking. Michael
  10. yes, i did it some days ago, but never received any reply from SAS. Michael
  11. Hello, would you please check, if this is a F/P. Attached pls find the scan results and the file SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 08/02/2010 at 07:04 PM Application Version : 4.41.1000 Core Rules Database Version : 5302 Trace Rules Database Version: 3114 Scan type : Quick Scan Total Scan Time : 00:00:02 Memory items scanned : 0 Memory threats detected : 0 Registry items scanned : 0 Registry threats detected : 0 File items scanned : 6 File threats detected : 1 Trojan.Agent/Gen-SVC[Fake] F:\MICHAEL\GARMIN\MAPSOURCE REGISTRY FIX\GARMIN_MAPSOURCE_FIX_0.2E\MAPSOURCEFIX.EXE Virustotal Antivirus Version Last Update Result AhnLab-V3 2010.08.01.00 2010.07.31 - AntiVir 8.2.4.32 2010.08.02 - Antiy-AVL 2.0.3.7 2010.08.02 - Authentium 5.2.0.5 2010.08.02 - Avast 4.8.1351.0 2010.08.02 - Avast5 5.0.332.0 2010.08.02 - AVG 9.0.0.851 2010.08.02 - BitDefender 7.2 2010.08.02 - CAT-QuickHeal 11.00 2010.08.02 - ClamAV 0.96.0.3-git 2010.08.02 - Comodo 5620 2010.08.02 - DrWeb 5.0.2.03300 2010.08.02 - Emsisoft 5.0.0.34 2010.07.30 - eSafe 7.0.17.0 2010.08.02 - eTrust-Vet 36.1.7756 2010.08.02 - F-Prot 4.6.1.107 2010.08.02 - F-Secure 9.0.15370.0 2010.08.02 Suspicious:W32/Malware!Gemini Fortinet 4.1.143.0 2010.08.02 - GData 21 2010.08.02 - Ikarus T3.1.1.84.0 2010.08.02 - Jiangmin 13.0.900 2010.08.01 - Kaspersky 7.0.0.125 2010.08.02 - McAfee 5.400.0.1158 2010.08.02 - McAfee-GW-Edition 2010.1 2010.08.02 - Microsoft 1.6004 2010.08.02 - NOD32 5335 2010.08.02 - Norman 6.05.11 2010.08.02 - nProtect 2010-08-02.02 2010.08.02 - Panda 10.0.2.7 2010.08.02 - PCTools 7.0.3.5 2010.08.02 - Prevx 3.0 2010.08.02 - Rising 22.59.00.04 2010.08.02 - Sophos 4.56.0 2010.08.02 - Sunbelt 6674 2010.08.02 - Symantec 20101.1.1.7 2010.08.02 - TheHacker 6.5.2.1.328 2010.07.30 - TrendMicro 9.120.0.1004 2010.08.02 - TrendMicro-HouseCall 9.120.0.1004 2010.08.02 - VBA32 3.12.12.7 2010.08.02 - ViRobot 2010.7.31.3965 2010.08.02 - VirusBuster 5.0.27.0 2010.08.02 - Many thanks Michael MapSourceFix.exe
  12. Hi, it's ridicolous that i have to search always twice for new updates of Superantispyware, after the first attempt it shows the previous version and after the second attempt the latest version. And it always take a very long time for update ! I'm using Windows Home XP, SP3 What's going on here? Thanks Michael
  13. Hi, how should i know or check, that a legitimate programm that's using a 6to4 relay is working in the background? Michael
  14. The question is very simple. Is it a F/P or not? Thanks
×
×
  • Create New...