vini23hot Posted October 24, 2014 Hello, I have a problem on my SUPERAntiSpyware, it is detecting a virus named: Rootkit.Gen/access.process in a game called Smite, whenever I open the game this message pops up and it says that the SUPERAntiSpyware removed, wanted to know if this virus is harmful and is false positive. Game: http://smite.com.br/ Share this post Link to post Share on other sites
SAS Malware Research Posted October 24, 2014 Hello vini23hot, The best way for us to help you with this is for you to submit the detected file to us as a false positive. After the scan is complete, click the + on the left of the detection to see the files detected. Next, click the thumbs-up icon on the right and the file will be submitted to us so we can take further action. SUPERAntiSpyware Malware Research Share this post Link to post Share on other sites
vini23hot Posted October 24, 2014 I could not submit the deleted file, but I could take pictures of the message. @EDIT: I came in contact with the developers of the game, and they answered me the following: Our games do not have any malicious program or file. But some game files need to access and modify files on your computer, so the virus can understand that it is some kind of suspicious activity. To solve this case, we ask that you make the release of the game in your antivirus. If you have any questions to do this, we guide you refer to your antivirus documentation. Share this post Link to post Share on other sites
SAS Malware Research Posted October 24, 2014 Hello vini23hot, Another way we can get the file is if you submit it to VirusTotal.com and post the link here. Simply click the 'Choose File' button, navigate to C:\USERS\CARLOS\APPDATA\LOCAL\TEMP\, and select the appropriate file. After the scan is complete, post a link to the results here. SUPERAntiSpyware Malware Research Share this post Link to post Share on other sites
vini23hot Posted October 24, 2014 Hello vini23hot, Another way we can get the file is if you submit it to VirusTotal.com and post the link here. Simply click the 'Choose File' button, navigate to C:\USERS\CARLOS\APPDATA\LOCAL\TEMP\, and select the appropriate file. After the scan is complete, post a link to the results here. SUPERAntiSpyware Malware Research I did not get the specific folder where the infected file, then I analyzed all the files from my Temp folder. Scans: https://www.virustotal.com/pt/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/ https://www.virustotal.com/pt/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/ https://www.virustotal.com/pt/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/ https://www.virustotal.com/pt/file/9249ab3669f91baacdf184b7b5a7ec444b0f15b302b3e740565ccce18ed56cd7/analysis/1414167798/ https://www.virustotal.com/pt/file/b5a6855e7e2aa0ec66ef2f1de3907b6084d070fae158f472476bd3825f932388/analysis/1414167835/ Screenshot of the TEMP folder: Share this post Link to post Share on other sites
vini23hot Posted October 24, 2014 My SUPERAntiSpyware detected no suspicious file when I put it to scan your entire computer, only Adware.Tracking.Cookie. LOG: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 10/24/2014 at 02:37 PM Application Version : 6.0.1158 Database Version : 11571 Scan type : Complete Scan Total Scan Time : 00:37:45 Operating System Information Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601) UAC Off - Administrator Memory items scanned : 615 Memory threats detected : 0 Registry items scanned : 77302 Registry threats detected : 0 File items scanned : 79694 File threats detected : 120 Adware.Tracking Cookie C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Cookies\carlos@server.cpmstar[1].txtC:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Cookies\carlos@server.cpmstar[1].txt [ /server.cpmstar ] .doubleclick.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adtechus.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .basebanner.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.adform.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ad.mlnadvertising.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revenuemantra.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .xiti.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .xiti.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adtech.de [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .eyeviewads.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .bs.serving-sys.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .questionmarket.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .questionmarket.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mmstat.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] tracking.publicidees.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .burstnet.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] a1.adform.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adservingml.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adservingml.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adservingml.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .liveperson.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .burstnet.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .burstnet.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .yadro.ru [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .weborama.fr [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pro-market.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .weborama.fr [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .burstnet.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.adform.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads1.boostadvtracking.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads1.boostadvtracking.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .statcounter.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.hubrus.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.zanox.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adfarm1.adition.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad2.adfarm1.adition.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adserver.hotelurbano.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adservingml.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ww489.smartadserver.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .golnovosite.112.2o7.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.googleadservices.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] tracking.olx-st.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .at.atwola.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.googleadservices.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zanox.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adservingml.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .realmediadigital.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .interclick.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .interclick.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .interclick.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] tracking.olx-st.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.gamesbannernet.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.gamesbannernet.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .rambler.ru [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .game-advertising-online.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .www.trackingclick.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.googleadservices.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adserver.adreactor.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .rambler.ru [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] a1.adform.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .burstnet.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adservingml.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .toplist.cz [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] in.getclicky.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .fastclick.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .bizrate.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .bizrate.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] c1.adform.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adform.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tribalfusion.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .liveperson.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .liveperson.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .histats.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .fastclick.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .burstnet.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ww488.smartadserver.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ox-d.rocketadserver.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .doubleclick.net [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.googleadservices.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] de.realmediadigital.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adserver.ig.com.br [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] bs.serving-sys.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] bs.serving-sys.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] bs.serving-sys.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .googleadservices.com [ C:\USERS\CARLOS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ============ End of Log ============ Share this post Link to post Share on other sites