
Melk

  1. I had the same issue with Win7 64bit and the Events seen by the poster. I ran SAS_StartupFix.exe and I still got an error in the event viewer, although it was different. Here it is:

    The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL

    So, I decided to use AutoRuns to disable those 2 drivers, and voila, errors gone. Thought I should mention it...

    Regards, M
  2. Melk

    Trojan.Hugipon?

    Well, after seeing that there's no definitive answer on this issue, I decided to let SAS do its magic and after the reboot, it was gone completely. So in my case, SAS was able to remove it without any issues (except the required reboot).

    The IP6 Helper service vanishes as a result of this quarantine but since I can still use the internet as usual (haven't tested everything yet but so far so good), I'll keep it quarantined until we know for sure if it's a FP or not.

    If it's not a false positive, then kudos to SAS for being the first to detect it (to my knowledge). Sure glad I bought this one! Otherwise, no harm done since it's quarantined and has no adverse effect.

    Regards, ~M
  3. Melk

    Trojan.Hugipon?

    I just experienced the same issue with 56 registry items infected by the trojan.hugipon. (Waiting on scan to finish to post log -- for some reason, even the quick scan takes close to 1 hour on my setup.)

    I must admit that I was just testing new Firewalls for the last few days so I'm not a good representative to decide if any apps use these items. I did uninstall them, reverted back to ZA until I can figure out why when I uninstall ZA, it slows down my boot time by 45 seconds (tested on multiple reboots). Reinstalling it returned my boot times to normal. But this is beside the point. Sorry.

    My last quick scan was 1 or 2 weeks ago, and except for the firewalls mentioned (Outpost Pro and Free, ZoneAlarm), I haven't changed anything except purchase a few games on Steam, install a new CPU/Chassis/GPU/Power Supply lol.. turns out I changed a lot of things, but mostly hardware.

    My question is how do I determine which (or if any) apps use these registry entries? Is there a tool out there that could help me out? If you need testing to be done, please feel free to let me know... I'm retired and have plenty of time to test and report on findings.

    ... still waiting ... ... still waiting on scan to finish ... hmm, I'll edit the post once it's finished.

    Regards, M

    P.S. While waiting on the scan (got about 500gig to scan), I checked the service related to this issue called IPv6 Helper Service Properties (local computer). When I checked the dependencies for components that are depending on it, there's nothing there -- does that mean that *no* applications/services use this? If so, I just might stop it until we can determine if it's a false positive or not.

    P.P.S. Here's the Scan log pertaining to this issue. Seems pretty much what the others have.
    SUPERAntiSpyware Scan Log
    https://www.superantispyware.com
    Generated 06/05/2009 at 03:16 PM
    Application Version : 4.26.1004
    Core Rules Database Version : 3926
    Trace Rules Database Version: 1870
    Scan type : Quick Scan
    Total Scan Time : 01:01:12
    Memory items scanned : 472
    Memory threats detected : 0
    Registry items scanned : 456
    Registry threats detected : 56
    File items scanned : 59038
    File threats detected : 12
    Trojan.Hugipon

    The file threats were tracking cookies.