Jump to content
Sign in to follow this  
Chipmunk

Trojan.Agent/Gen-Boonty

Recommended Posts

Hi

I have just updated and run a quick scan of SAS 5.0.1134 DB Version 7843 and as I normally only find Tracking Objects I was surprised to see Critical Threats (3 items found).

The items are:

HKLM\System\CurrentControl\Set\Services|BOONTY GAMES

C:\PROGRAM FILES\COMMON FILES\BOONTY SHAR...\BOONTY.EXE

HKLM\System\CurrentControlSet\Enum|...\LEGACY_BOONTY GAMES

I have now updated and just done a quick scan of MBAM and it reports no malicious items detected.

I think the BOONTY games entries are related to the game 'My Kingdom for the Princess' which has been on the PC for some time so I wonder if the Critical Threats listed by SAS are false positives. I am somewhat new to all this so would be grateful for some advice and guidance. I have not removed the items at this stage - only the usual Tracking Objects.

Share this post


Link to post
Share on other sites

This is now confirmed as a false positive and cleared with the updates today 2 December. For the benefit of readers who, like me, are new to all this, I found that the procedure that SuperAntiSpyware require us to use is to send the details using their program.

If you open SuperAntiSpyware and click on the ‘Help’ button in the bottom right hand corner, the page opens at ‘Customer Service and Product Support’. Scroll down to the section headed ‘Malware Detection and Removal’ and click on the item ‘I think SuperAntiSpyware detected something it should not have. What do I do?’

You will then see instructions on how to send details for SuperAntiSpyware people to investigate. I found that, when you have completed a scan and found items that you feel might be false positives, it is necessary to report them individually at the end of the scan.

In the example shown in the answer to the question in the above paragraph you would click on the file C:\Documents and Settings\Nick Skrepetos\Desktop\Spyware Research|WTOOLSA to highlight it and then click on the ‘Report False Positive’ button. Note that when you are sending each file you have to provide your email address and provide information why you are sending the report. When you have sent the first file you then click on the second file C:\Documents and Settings\Nick Skrepetos\Desktop\Spyware Research|WTOOLSS to highlight it and then click on the ‘Report False Positive’ button again. Repeat this procedure for each file that you wish to send.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×