Jump to content
Sign in to follow this  
Followers 0
douglas9

Trojan.Agent/Gen (Download Accelerator Plus (DAP)

By douglas9, in False Positives

Recommended Posts

douglas9   

douglas9
Posted

Downloaded the Download Accelerator Plus (DAP) program from Softpedia and received alert that it was Trojan from SAS. Ran a scan and got the following log. False Positive? Thanks in advance.

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 01/25/2010 at 11:19 AM

Application Version : 4.33.1000

Core Rules Database Version : 4511

Trace Rules Database Version: 2323

Scan type : Complete Scan

Total Scan Time : 00:40:38

Memory items scanned : 390

Memory threats detected : 0

Registry items scanned : 3702

Registry threats detected : 26

File items scanned : 21247

File threats detected : 1

Trojan.Agent/Gen

HKLM\Software\Classes\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32#ThreadingModel

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\ProgID

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\Programmable

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\TypeLib

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\VersionIndependentProgID

HKCR\SearchHook.SrchHook.1

HKCR\SearchHook.SrchHook.1\CLSID

HKCR\SearchHook.SrchHook

HKCR\SearchHook.SrchHook\CLSID

HKCR\SearchHook.SrchHook\CurVer

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0\win32

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\FLAGS

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\HELPDIR

C:\PROGRA~1\DAP\SBSEARCH.DLL

HKU\S-1-5-21-1351049213-510416423-149384905-1006\Software\Microsoft\Internet Explorer\URLSearchHooks#{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid32

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib#Version

Share this post

Link to post
Share on other sites

SUPERAntiSpy   

SUPERAntiSpy
Posted

Downloaded the Download Accelerator Plus (DAP) program from Softpedia and received alert that it was Trojan from SAS. Ran a scan and got the following log. False Positive? Thanks in advance.

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 01/25/2010 at 11:19 AM

Application Version : 4.33.1000

Core Rules Database Version : 4511

Trace Rules Database Version: 2323

Scan type : Complete Scan

Total Scan Time : 00:40:38

Memory items scanned : 390

Memory threats detected : 0

Registry items scanned : 3702

Registry threats detected : 26

File items scanned : 21247

File threats detected : 1

Trojan.Agent/Gen

HKLM\Software\Classes\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32#ThreadingModel

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\ProgID

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\Programmable

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\TypeLib

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\VersionIndependentProgID

HKCR\SearchHook.SrchHook.1

HKCR\SearchHook.SrchHook.1\CLSID

HKCR\SearchHook.SrchHook

HKCR\SearchHook.SrchHook\CLSID

HKCR\SearchHook.SrchHook\CurVer

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0\win32

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\FLAGS

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\HELPDIR

C:\PROGRA~1\DAP\SBSEARCH.DLL

HKU\S-1-5-21-1351049213-510416423-149384905-1006\Software\Microsoft\Internet Explorer\URLSearchHooks#{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid32

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib#Version

Can you do a false positive report from within the program on the SBSEARCH.DLL file?

Share this post

Link to post
Share on other sites

Lucie   

Lucie
Posted

ive used DAP for a good while ut i updated it to the newer version a week or so back. after doing a scan with SAS ive had the same results.SAS said i had a Trojan.Agent/Gen same details as the original poster. i also use kaspersky so scanned with that and it showed no issues. so I presume its a false positive? SAS got rid of the trojans no problem. but can/has this been confirmed that it is a false positive? it there a way for it to be confirmed?

Share this post

Link to post
Share on other sites

Seth   

Seth
Posted

ive used DAP for a good while ut i updated it to the newer version a week or so back. after doing a scan with SAS ive had the same results.SAS said i had a Trojan.Agent/Gen same details as the original poster. i also use kaspersky so scanned with that and it showed no issues. so I presume its a false positive? SAS got rid of the trojans no problem. but can/has this been confirmed that it is a false positive? it there a way for it to be confirmed?

I have no doubt that SAS is already looking into it.

Share this post

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0
Go To Topic Listing False Positives
×