Trojan.Agent/Gen (Download Accelerator Plus (DAP)

[douglas9]

Downloaded the Download Accelerator Plus (DAP) program from Softpedia and received alert that it was Trojan from SAS. Ran a scan and got the following log. False Positive? Thanks in advance.

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 01/25/2010 at 11:19 AM

Application Version : 4.33.1000

Core Rules Database Version : 4511

Trace Rules Database Version: 2323

Scan type : Complete Scan

Total Scan Time : 00:40:38

Memory items scanned : 390

Memory threats detected : 0

Registry items scanned : 3702

Registry threats detected : 26

File items scanned : 21247

File threats detected : 1

Trojan.Agent/Gen

HKLM\Software\Classes\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32#ThreadingModel

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\ProgID

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\Programmable

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\TypeLib

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\VersionIndependentProgID

HKCR\SearchHook.SrchHook.1

HKCR\SearchHook.SrchHook.1\CLSID

HKCR\SearchHook.SrchHook

HKCR\SearchHook.SrchHook\CLSID

HKCR\SearchHook.SrchHook\CurVer

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0\win32

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\FLAGS

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\HELPDIR

C:\PROGRA~1\DAP\SBSEARCH.DLL

HKU\S-1-5-21-1351049213-510416423-149384905-1006\Software\Microsoft\Internet Explorer\URLSearchHooks#{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid32

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib#Version

[SUPERAntiSpy]

Downloaded the Download Accelerator Plus (DAP) program from Softpedia and received alert that it was Trojan from SAS. Ran a scan and got the following log. False Positive? Thanks in advance.

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 01/25/2010 at 11:19 AM

Application Version : 4.33.1000

Core Rules Database Version : 4511

Trace Rules Database Version: 2323

Scan type : Complete Scan

Total Scan Time : 00:40:38

Memory items scanned : 390

Memory threats detected : 0

Registry items scanned : 3702

Registry threats detected : 26

File items scanned : 21247

File threats detected : 1

Trojan.Agent/Gen

HKLM\Software\Classes\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\InprocServer32#ThreadingModel

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\ProgID

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\Programmable

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\TypeLib

HKCR\CLSID\{F4F10C1D-87C7-404A-B4B3-000000000000}\VersionIndependentProgID

HKCR\SearchHook.SrchHook.1

HKCR\SearchHook.SrchHook.1\CLSID

HKCR\SearchHook.SrchHook

HKCR\SearchHook.SrchHook\CLSID

HKCR\SearchHook.SrchHook\CurVer

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\0\win32

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\FLAGS

HKCR\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}\1.0\HELPDIR

C:\PROGRA~1\DAP\SBSEARCH.DLL

HKU\S-1-5-21-1351049213-510416423-149384905-1006\Software\Microsoft\Internet Explorer\URLSearchHooks#{F4F10C1D-87C7-404A-B4B3-000000000000}

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\ProxyStubClsid32

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib

HKCR\Interface\{02FE50FA-9953-4B3E-98B1-0F1AF2577660}\TypeLib#Version

Can you do a false positive report from within the program on the SBSEARCH.DLL file?

[douglas9]

Can you do a false positive report from within the program on the SBSEARCH.DLL file?

Sorry, but elected to unistall the program.

[Lucie]

ive used DAP for a good while ut i updated it to the newer version a week or so back. after doing a scan with SAS ive had the same results.SAS said i had a Trojan.Agent/Gen same details as the original poster. i also use kaspersky so scanned with that and it showed no issues. so I presume its a false positive? SAS got rid of the trojans no problem. but can/has this been confirmed that it is a false positive? it there a way for it to be confirmed?

[Seth]

ive used DAP for a good while ut i updated it to the newer version a week or so back. after doing a scan with SAS ive had the same results.SAS said i had a Trojan.Agent/Gen same details as the original poster. i also use kaspersky so scanned with that and it showed no issues. so I presume its a false positive? SAS got rid of the trojans no problem. but can/has this been confirmed that it is a false positive? it there a way for it to be confirmed?

I have no doubt that SAS is already looking into it.