Jump to content
zoril1

(SOLVED) Last SuperAntiSpyware definitions are a nightmare!!!!!

By zoril1, in False Positives

Recommended Posts

zoril1   

zoril1
Posted

Hi there:)

 

I use Superantispware(liftime) on a daily basis. Last nights definitions identified many known and trusted files, as either Adware.AddLyrics/Variant, or PUP.BProtector/Variant. 

 

I must emphasise that these files have been scanned for months with SAS and also a number of other established virus checkers and antispyware programs, including Malware AntimalwareByytes, Emsisoft, Avast and Eset online scanner.

 

As an additional measure  last night  I sent  a number of these files  to VirusTotal for multi engine scanning and all showed clean!

 

I must further emphasise that the box "Scan for frequently unwanted programs," was unchecked before the complete scan. I looked to see if there was any option to disable pup, or unwanted program detection, but found none other then that box.

 

Here is a list of the programs it found (see below). I have sent you both the quick scan and the complete log file. I whitelisted all.

 

Surely there should be an option to prevent this happening? The problem has only arisen for the first time after installing the latest SAS definitions:-

 

********************************************************************************************************************************************************

 

SUPERAntiSpyware Scan Log
https://www.superantispyware.com

Generated 09/14/2014 at 03:04 AM

Application Version : 6.0.1130
Database Version : 11502

Scan type       : Quick Scan
Total Scan Time : 00:02:54

Operating System Information
Windows 8.1 64-bit (Build 6.03.9200)
UAC On - Limited User

Memory items scanned      : 919
Memory threats detected   : 0
Registry items scanned    : 56290
Registry threats detected : 0
File items scanned        : 11689
File threats detected     : 25

Adware.AddLyrics/Variant
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\BTBBDESKTOPHELPINSTALL.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT\ALLMYNOTES\INSTALL_ALLMYNOTES_2_60_DELUXE.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT\CNET_TECHTRACKER_1_0_44_SETUP.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT\FSRESIZERSETUP30.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT\FSVIEWERSETUP42.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT\IMAGEMENDER\IMENDER1.22.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT\IR051.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\BITSDUJOUR  - AUDIO RECORD WIZARD\ARW6-SEPTEMBER2013.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\BLEACHBIT-1.2-SETUP.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\PHOXO.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\SOS SECURESAFE PRO\SECURESAFEPRO_SETUP.EXE

PUP.BProtector/Variant
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\CYBERGHOST FREEWARE\CG_5.0.13.17.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\BITSDUJOUR - BOLIDE MOVIE CREATOR\BMC_SETUP.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\BITSDUJOUR - BOLIDE MOVIE CREATOR\BMC_SETUP_AUGUST2013.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\BSC_SETUP.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\GREENSHOT-INSTALLER-1.1.7.17.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\JIHOSOFT VIDEO CONVERTER GIVEAWAY\JIHOSOFTVIDEOCONVERTER2.3.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\M3 FILE RESCUER PRO - BITSDUJOUR\M3_FLR_PRO_GIVEAWAY_JUNE_2013.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\SOS BRIGHTNESS\BRIGHTNESSGUIDE-SOS.EXE
    ZIP ARCHIVE( C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\SOS COSMETIC GUIDE\COSMETICGUIDE-SOS.ZIP )/COSMETICGUIDE-SOS.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\SOS COSMETIC GUIDE\COSMETICGUIDE-SOS.ZIP
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\SOS IMAGERESIZE\IMAGERESIZEGUIDE-ENGLISH.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\SOS PICTURECUTOUTGUIDE\PICTURECUTOUTGUIDE-SOS.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\SOS SOFT ORGANIZER\SOFT-ORGANIZER-SWONSALE.EXE
    C:\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\ULTRASEARCH-X64-SETUP.EXE

============
 End of Log
============

 

SUPERAntiSpyware Scan Log
https://www.superantispyware.com

Generated 09/14/2014 at 04:15 AM

Application Version : 6.0.1130
Database Version : 11502

Scan type       : Complete Scan
Total Scan Time : 00:12:59

Operating System Information
Windows 8.1 64-bit (Build 6.03.9200)
UAC On - Limited User

Memory items scanned      : 923
Memory threats detected   : 0
Registry items scanned    : 62034
Registry threats detected : 0
File items scanned        : 45474
File threats detected     : 25

Adware.AddLyrics/Variant
    C:\PROGRAM FILES (X86)\1-ABC\FILE RENAMER\UNINST.EXE
    C:\PROGRAM FILES (X86)\1-ABC\FILE WASHER\UNINST.EXE
    C:\PROGRAM FILES (X86)\ANVSOFT\PHOTO SLIDESHOW MAKER PROFESSIONAL\UNINST.EXE
    C:\PROGRAM FILES (X86)\ARCSOFT\PERFECT365\UNINSTALL.EXE
    C:\PROGRAM FILES (X86)\AUDIO RECORD WIZARD\UNINSTALL.EXE
    C:\PROGRAM FILES (X86)\BLEACHBIT\UNINSTALL.EXE
    C:\PROGRAM FILES (X86)\FACEOFFMAX\UNINST.EXE
    C:\PROGRAM FILES (X86)\PHOXO\UNINST.EXE
    C:\PROGRAM FILES (X86)\WIZARDRECOVERY COMPANY\DISK RECOVERY WIZARD\UNINSTALL.EXE
    C:\PROGRAM FILES (X86)\ZOOM PLAYER\UNINSTALL.EXE
    C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ARCSOFT\PERFECT365\UNINSTALL.LNK
    C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\AUDIO RECORD WIZARD\UNINSTALL.LNK
    C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\FACE OFF MAX\UNINSTALL FACE OFF MAX.LNK
    C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ZOOM PLAYER\UNINSTALL.LNK
    C:\USERS\HOWARDNEWCASTLE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\1-ABC\FILE RENAMER\UNINSTALL FILE RENAMER.LNK
    C:\USERS\HOWARDNEWCASTLE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\1-ABC\FILE WASHER\UNINSTALL FILE WASHER.LNK
    C:\USERS\HOWARDNEWCASTLE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ANVSOFT\PHOTO SLIDESHOW MAKER PROFESSIONAL\UNINSTALL.LNK
    C:\USERS\HOWARDNEWCASTLE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\BLEACHBIT\UNINSTALL.LNK
    C:\USERS\HOWARDNEWCASTLE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PHOXO\PHOXO UNINSTALL.LNK
    C:\USERS\HOWARDNEWCASTLE\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\WIZARDRECOVERY COMPANY\DISK RECOVERY WIZARD\UNINSTALL.LNK

PUP.BProtector/Variant
    C:\PROGRAM FILES (X86)\VIDEO TO VIDEO\WT5_1.EXE
    C:\USERS\HOWARDNEWCASTLE\APPDATA\LOCAL\MICROSOFT\WINDOWS\FILEHISTORY\DATA\5943\C\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\BITSDUJOUR - BOLIDE MOVIE CREATOR\BMC_SETUP.EXE
    C:\USERS\HOWARDNEWCASTLE\APPDATA\LOCAL\MICROSOFT\WINDOWS\FILEHISTORY\DATA\5943\C\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\BITSDUJOUR - BOLIDE MOVIE CREATOR\BMC_SETUP_AUGUST2013.EXE
    C:\USERS\HOWARDNEWCASTLE\APPDATA\LOCAL\MICROSOFT\WINDOWS\FILEHISTORY\DATA\5943\C\USERS\HOWARDNEWCASTLE\DESKTOP\IMPORTANT WINDOWS 8\BSC_SETUP.EXE
    Z:\GOG GAMES\BALDURS GATE 2\SETUP_BALDURS_GATE2_2.0.0.12.EXE

============
 End of Log
============
 


 

 

 

Share this post

Link to post
Share on other sites

zoril1   

zoril1
Posted

Zoril1,

 

Sorry for the inconvenience caused.

 

We have published an update to our definitions, version 11505.  These files should no longer be detected by our scanner.

Appreciated the prompt response:) Well done!

Share this post

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Go To Topic Listing False Positives
×