Jump to content
nrs

Falls Positives in DLLs

Recommended Posts

I've checked all of these with the latest Symantec Antivirus and Spybot, and most of them with these online virus scanners: http://www.virustotal.com and http://virusscan.jotti.org/en.

They look like false positives to me. In most cases, SuperAntispyware under virustotal didn't find anything either! One exception:

File name: idPublic.dll

Submission date: 2011-05-03 16:49:26 (UTC)

Current status: finished

Result: 1 /42 (2.4%)

SUPERAntiSpyware 4.40.0.1006 2011.05.03 Trojan.Agent/Gen-Bancos

But nothing else found anything in that scan.

Here's the log, with all the likely false positives.

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 05/03/2011 at 10:51 AM

Application Version : 4.51.1000

Core Rules Database Version : 6978

Trace Rules Database Version: 4790

Scan type : Quick Scan

Total Scan Time : 01:19:45

Memory items scanned : 786

Memory threats detected : 0

Registry items scanned : 2915

Registry threats detected : 0

File items scanned : 116359

File threats detected : 41

Adware.Tracking Cookie

C:\Users\nrshapiro\AppData\Roaming\Microsoft\Windows\Cookies\nrshapiro@pointroll[2].txt

C:\Users\nrshapiro\AppData\Roaming\Microsoft\Windows\Cookies\nrshapiro@imrworldwide[2].txt

cdn.media.abc.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

ia.media-imdb.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

ictv-ic-ec.indieclicktv.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

media.mtvnservices.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

media.oprah.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

media.scanscout.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

media.washingtonpost.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

media10.washingtonpost.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

msnbcmedia.msn.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

polltracker.talkingpointsmemo.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

secure-uk.imrworldwide.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

secure-us.imrworldwide.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

www.royalmediamarketing.com [ C:\Users\nrshapiro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GAB6FC2F ]

Trojan.Vundo-Variant/F

C:\WIN32APP\ADOBE\ILLUSTRATOR 8.0\PLUG-INS\ILLUSTRATOR FORMATS - ADDITIONAL\IMSTYPE.DLL

C:\WIN32APP\ADOBE\ILLUSTRATOR 8.0\PLUG-INS\TEXT FILE FORMATS\W001F32W.DLL

C:\WIN32APP\AXIALISICONWORKSHOP\AXSTDCTL.DLL

C:\WIN32APP\BENCH\AIDA32\AIDA_DIRECTX.DLL

C:\WIN32APP\CW32\AWK\AWK.DLL

C:\WIN32APP\CW32\PYTHON.DLL

C:\WIN32APP\ECCO\ECVBDDE.DLL

C:\WIN32APP\EXPENSABLE\QEXTB.DLL

C:\WIN32APP\EXPENSABLE\TWSCAN32.DLL

C:\WIN32APP\FTW\EREG\SYSINFONT.DLL

C:\WIN32APP\FTW\FTWONL32.DLL

C:\WIN32APP\ILLUSTRATOR 8.0\PLUG-INS\ILLUSTRATOR FORMATS - ADDITIONAL\IMSTYPE.DLL

C:\WIN32APP\ILLUSTRATOR 8.0\PLUG-INS\TEXT FILE FORMATS\W001F32W.DLL

C:\WIN32APP\MEMORIESONTV3\BURN\BURNNERO.DLL

C:\WIN32APP\MEMORIESONTV3\EXPORT\EXPORT.DLL

C:\WIN32APP\MEMORIESONTV3\PLUGINS\EFFECTMULT.DLL

C:\WIN32APP\MEMORIESONTV3\PLUGINS\EFFECTTEXT.DLL

C:\WIN32APP\PKFED\GATC.DLL

C:\WIN32APP\PKFED\NORAND.DLL

C:\WIN32APP\PKFED\STANDARD.DLL

C:\WIN32APP\POWERDESK5\PDRAR.DLL

C:\WIN32APP\PSPAD EDITOR\PLUGINS\FILETYPE\ZTEXT.DLL

C:\WIN32APP\QUICKEN2006\INETTOOLS.DLL

C:\WIN32APP\WHEREISIT\PLUGINS\DESCMOVIES.DLL

C:\WIN32APP\WHEREISIT\PLUGINS\GEOSPLUGIN.DLL

Trojan.Agent/Gen-Bancos

C:\WIN32APP\IDIMAGER\IDPUBLIC.DLL

Share this post


Link to post
Share on other sites

Your definitions are a bit behind; please update them as soon as possible for your security! Also in reference to the false positive; please submit a support ticket so we may take a closer look at the problem.

To Create A Support Ticket:

https://www.superantispyware.com/csrcreateticket.html

Ok, I updated them, and the false positives were still there. I did file a report, but realize in retrospect that I didn't attach any of the files that were checked. Does it attach sample files if you file a report directly from Superantispyware?

Share this post


Link to post
Share on other sites

Ok, I updated them, and the false positives were still there. I did file a report, but realize in retrospect that I didn't attach any of the files that were checked. Does it attach sample files if you file a report directly from Superantispyware?

Once submitted; our support team will work with the development team to find a remedy or reply to you with instructions on the files in question within the CSR.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...