Jump to content
dd

Found: Trojan.Net-PhakeRU

Recommended Posts

I currently have ThinkPad T60 with XP Professional Service Pack 3 installed. I found the above a couple of days back. Below is the log of a SUPERAntiSpyware 4.0 scan.

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 04/17/2008 at 10:00 AM

Application Version : 4.0.1154

Core Rules Database Version : 3439

Trace Rules Database Version: 1431

Scan type : Complete Scan

Total Scan Time : 01:00:04

Memory items scanned : 686

Memory threats detected : 0

Registry items scanned : 5592

Registry threats detected : 9

File items scanned : 24237

File threats detected : 0

Trojan.Net-PhakeRU

HKCR\CLSID\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}

HKCR\CLSID\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}#AppID

HKCR\CLSID\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}\InprocServer32

HKCR\CLSID\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}\InprocServer32#InprocServer32

HKCR\CLSID\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}\InprocServer32#ThreadingModel

HKCR\CLSID\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}\ProgID

HKCR\CLSID\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}\Programmable

HKCR\CLSID\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}\TypeLib

HKCR\CLSID\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}\VersionIndependentProgID

Share this post


Link to post
Share on other sites

As I said the above was detected by SUPERAntiSpyware, but I suspect it has got to do with Client Security Solution of Lenovo (suspected this when I saw this forum post yesterday). I also suspect that it affects my Microsoft Updates updates, for I noticed that after the XP SP3 and Office 2003 installation I cannot download completely the rest of the Microsoft Updates and the Windows Live programs.

So I would like to know what exactly is this, and is it related to one of the ActiveX programs in Internet Explorer 6. Tried searching in your SAS database but could not find much about it.

Share this post


Link to post
Share on other sites

I am also using a Lenovo ThinkPad Z61p with Client Security Solution 8. Based on what I have read on the web, I too suspect that this could be a false positive detection of CLient Security Solution 8's Password Manager.

Windows XP Pro SP3

Share this post


Link to post
Share on other sites

Ah, yes. Finally a reply. I've heard issues about that too, although I suspect it has got some relations with Sonic Update Manager, since nowadays I can't update without removing that program. Thus I'm asking in this forum to clarify (for the Sonic Update Manager issue, that is).

Share this post


Link to post
Share on other sites
I am also using a Lenovo ThinkPad Z61p with Client Security Solution 8. Based on what I have read on the web, I too suspect that this could be a false positive detection of CLient Security Solution 8's Password Manager.

Windows XP Pro SP3

Finally found time to check out this false positive by reinstalling the CSS v8.10.0006. And this is very true; the "infection" was detected. I've downloaded the manual installation file (used to use System Update) and the problem occurs.

May I ask the moderators to look into and correct this?

In the meantime, I'll have to set it to ignore the above false positive.

Share this post


Link to post
Share on other sites
I am also using a Lenovo ThinkPad Z61p with Client Security Solution 8. Based on what I have read on the web, I too suspect that this could be a false positive detection of CLient Security Solution 8's Password Manager.

Windows XP Pro SP3

Finally found time to check out this false positive by reinstalling the CSS v8.10.0006. And this is very true; the "infection" was detected. I've downloaded the manual installation file (used to use System Update) and the problem occurs.

May I ask the moderators to look into and correct this?

In the meantime, I'll have to set it to ignore the above false positive.

Did you submit a false positive report from within the product? If not, can you do that?

Share this post


Link to post
Share on other sites

Yes, I've submitted the false report quite a while back, on the day of my last reply.

Share this post


Link to post
Share on other sites

I have a Lenovo T61 and I am using SuperAntiSpyware and getting an indication of 9 detected items of Trojan.Net-PhakeRU.

As I read this thread, it appears that this is a false positive for a piece of dangerous code.

However, I am also having a significant problem in Windows/Vista Updates - Error 80070490 - which others seem to have in parallel with PhakeRU.

I am wondering what others have done to resolve both of these issues...

Eric

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...