chorizo Posted November 17, 2008 I first ran NOD32 scan, which found nothing, then I ran SAS scan from UBCD4Win then I ran rootkitrevealer, which just turned up false positives, it seems Share this post Link to post Share on other sites
SUPERAntiSpy Posted November 17, 2008 I first ran NOD32 scan, which found nothing, then I ran SAS scan from UBCD4Winthen I ran rootkitrevealer, which just turned up false positives, it seems So what EXACTLY did we detect incorrectly? What version of SUPERAntiSpyware are you running? Share this post Link to post Share on other sites
chorizo Posted November 17, 2008 Oh whoops I could have sworn I included a log. Oh I just noticed extension txt is not allowed I am running the latest version, at least the version included in the latest UBCD4win It told me it found Rootkit.Unclassified/USBHubB log follows Generated 10/24/2008 at 10:12 PM Application Version : 4.1.1046 Core Rules Database Version : 3605 Trace Rules Database Version: 1591 Scan type : Complete Scan Total Scan Time : 01:24:13 Memory items scanned : 141 Memory threats detected : 0 Registry items scanned : 1098 Registry threats detected : 8 File items scanned : 70977 File threats detected : 1 Rootkit.Unclassified/USBHubB HKLM\SYSTEM\CurrentControlSet\Services\usbhubb HKLM\SYSTEM\CurrentControlSet\Services\usbhubb#ImagePath HKLM\SYSTEM\CurrentControlSet\Services\usbhubb#DisplayName HKLM\SYSTEM\CurrentControlSet\Services\usbhubb#Type HKLM\SYSTEM\CurrentControlSet\Services\usbhubb#Start HKLM\SYSTEM\CurrentControlSet\Services\usbhubb#ErrorControl HKLM\SYSTEM\CurrentControlSet\Services\usbhubb#Tag HKLM\SYSTEM\CurrentControlSet\Services\usbhubb#Group Adware.Tracking Cookie C:\Documents and Settings\Guest\Cookies\guest@atwola[1].txt Share this post Link to post Share on other sites
Pandato Posted November 18, 2008 You ar not running the current version of SAS Share this post Link to post Share on other sites
SUPERAntiSpy Posted November 18, 2008 Please update to 4.22.1014 and perform the scan again. Share this post Link to post Share on other sites