Jump to content
Sign in to follow this  
Cnon

I'm using SAS 5.0 pre-release and I think I have some false positives

Recommended Posts

Dear All,

I'm using SAS 5.0 pre-release and I think I have some false positives.

Here my log:

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 04/22/2011 at 06:08 PM

Application Version : 5.0.1078

Core Rules Database Version : 6901

Trace Rules Database Version: 4713

Scan type : Quick Scan

Total Scan Time : 00:03:53

Operating System Information

Windows 7 Home Premium 64-bit (Build 6.01.7600)

UAC Off - Administrator

Memory items scanned : 601

Memory threats detected : 0

Registry items scanned : 59585

Registry threats detected : 18

File items scanned : 13762

File threats detected : 0

Security.HiJack[imageFileExecutionOptions]

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CREATOR12OEM.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CREATOR12OEM.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DISCIMAGELOADER12OEM.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DISCIMAGELOADER12OEM.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DSLAUNCHER.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DSLAUNCHER.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IASTORUI.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IASTORUI.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PICTUREVIEWER.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PICTUREVIEWER.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QUICKTIMEPLAYER.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QUICKTIMEPLAYER.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RETRIEVE12OEM.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RETRIEVE12OEM.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ROXIOCENTRALFX.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ROXIOCENTRALFX.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\THXAUDIO.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\THXAUDIO.EXE#Debugger

Share this post


Link to post
Share on other sites

Dear All,

I'm using SAS 5.0 pre-release and I think I have some false positives.

Here my log:

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 04/22/2011 at 06:08 PM

Application Version : 5.0.1078

Core Rules Database Version : 6901

Trace Rules Database Version: 4713

Scan type : Quick Scan

Total Scan Time : 00:03:53

Operating System Information

Windows 7 Home Premium 64-bit (Build 6.01.7600)

UAC Off - Administrator

Memory items scanned : 601

Memory threats detected : 0

Registry items scanned : 59585

Registry threats detected : 18

File items scanned : 13762

File threats detected : 0

Security.HiJack[imageFileExecutionOptions]

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CREATOR12OEM.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CREATOR12OEM.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DISCIMAGELOADER12OEM.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DISCIMAGELOADER12OEM.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DSLAUNCHER.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DSLAUNCHER.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IASTORUI.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IASTORUI.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PICTUREVIEWER.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PICTUREVIEWER.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QUICKTIMEPLAYER.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QUICKTIMEPLAYER.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RETRIEVE12OEM.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RETRIEVE12OEM.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ROXIOCENTRALFX.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ROXIOCENTRALFX.EXE#Debugger

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\THXAUDIO.EXE

(x86) HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\THXAUDIO.EXE#Debugger

Yes, you have a bunch of False Positives. Submit them per the instructions in the link below. Be sure to update the definitions to the latest versions before you submit these just to ensure that they have not already been corrected.

https://www.superantispyware.com/supportfaqdisplay.html?faq=28

Share this post


Link to post
Share on other sites

Yes, you have a bunch of False Positives. Submit them per the instructions in the link below. Be sure to update the definitions to the latest versions before you submit these just to ensure that they have not already been corrected.

https://www.superantispyware.com/supportfaqdisplay.html?faq=28

Thanks for the info, but the report false positives button is grayed out :(

Even with the items checked.

And I had the latest definitions before my latest scan.

Cnon

Share this post


Link to post
Share on other sites

Just to update,

SAS customer service told me to trust the items, as they were false positives and I did so and everything is fine now.

Thanks,

Cnon

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×
×
  • Create New...