douglas9 Posted January 25, 2010 Downloaded the Download Accelerator Plus (DAP) program from Softpedia and received alert that it was Trojan from SAS. Ran a scan and got the following log. False Positive? Thanks in advance. SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 01/25/2010 at 11:19 AM Application Version : 4.33.1000 Core Rules Database Version : 4511 Trace Rules Database Version: 2323 Scan type : Complete Scan Total Scan Time : 00:40:38 Memory items scanned : 390 Memory threats detected : 0 Registry items scanned : 3702 Registry threats detected : 26 File items scanned : 21247 File threats detected : 1 Trojan.Agent/Gen HKLM\Software\Classes\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000} HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000} HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000} HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32 HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32#ThreadingModel HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\ProgID HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\Programmable HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\TypeLib HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\VersionIndependentProgID HKCR\SearchHook.SrchHook.1 HKCR\SearchHook.SrchHook.1\CLSID HKCR\SearchHook.SrchHook HKCR\SearchHook.SrchHook\CLSID HKCR\SearchHook.SrchHook\CurVer HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6} HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0 HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0 HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0\win32 HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\FLAGS HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\HELPDIR C:\PROGRA~1\DAP\SBSEARCH.DLL HKU\S-1-5-21-1351049213-510416423-149384905-1006\Software\Microsoft\Internet Explorer\URLSearchHooks#{F4F10C1D-87C7-404A-B4B3-000000000000} HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660} HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid32 HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib#Version Share this post Link to post Share on other sites
SUPERAntiSpy Posted January 25, 2010 Downloaded the Download Accelerator Plus (DAP) program from Softpedia and received alert that it was Trojan from SAS. Ran a scan and got the following log. False Positive? Thanks in advance. SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 01/25/2010 at 11:19 AM Application Version : 4.33.1000 Core Rules Database Version : 4511 Trace Rules Database Version: 2323 Scan type : Complete Scan Total Scan Time : 00:40:38 Memory items scanned : 390 Memory threats detected : 0 Registry items scanned : 3702 Registry threats detected : 26 File items scanned : 21247 File threats detected : 1 Trojan.Agent/Gen HKLM\Software\Classes\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000} HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000} HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000} HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32 HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32#ThreadingModel HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\ProgID HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\Programmable HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\TypeLib HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\VersionIndependentProgID HKCR\SearchHook.SrchHook.1 HKCR\SearchHook.SrchHook.1\CLSID HKCR\SearchHook.SrchHook HKCR\SearchHook.SrchHook\CLSID HKCR\SearchHook.SrchHook\CurVer HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6} HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0 HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0 HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0\win32 HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\FLAGS HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\HELPDIR C:\PROGRA~1\DAP\SBSEARCH.DLL HKU\S-1-5-21-1351049213-510416423-149384905-1006\Software\Microsoft\Internet Explorer\URLSearchHooks#{F4F10C1D-87C7-404A-B4B3-000000000000} HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660} HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid32 HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib#Version Can you do a false positive report from within the program on the SBSEARCH.DLL file? Share this post Link to post Share on other sites
douglas9 Posted January 26, 2010 Can you do a false positive report from within the program on the SBSEARCH.DLL file? Sorry, but elected to unistall the program. Share this post Link to post Share on other sites
Lucie Posted April 5, 2010 ive used DAP for a good while ut i updated it to the newer version a week or so back. after doing a scan with SAS ive had the same results.SAS said i had a Trojan.Agent/Gen same details as the original poster. i also use kaspersky so scanned with that and it showed no issues. so I presume its a false positive? SAS got rid of the trojans no problem. but can/has this been confirmed that it is a false positive? it there a way for it to be confirmed? Share this post Link to post Share on other sites
Seth Posted April 5, 2010 ive used DAP for a good while ut i updated it to the newer version a week or so back. after doing a scan with SAS ive had the same results.SAS said i had a Trojan.Agent/Gen same details as the original poster. i also use kaspersky so scanned with that and it showed no issues. so I presume its a false positive? SAS got rid of the trojans no problem. but can/has this been confirmed that it is a false positive? it there a way for it to be confirmed? I have no doubt that SAS is already looking into it. Share this post Link to post Share on other sites