We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:


PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom


It's free to register, to post a question or to start / join a discussion


 

sas false positive?


sunnystaines
Resolved

Likes # 0

anyone been getting false positives last few days with superantispyware. been getting "hijacker deskbar" & "HBHelper" which it needs reboot to clean but is back on its next scan.

full scan with malwarebytes and norton 2011 show clean results

Like this post
Secret-Squirrel

Likes # 0

"tried the jotti's link and downloaded their stopzilla program ................."

I didn't ask you to download and install any of the programs advertised at the bottom of that page.

What you need to do is upload your suspicious file by clicking the "Browse" button, selecting it, then hitting "Submit File" and the sample will get scanned by all the anti-virus products shown on the right-hand side of the page.

Like this post
sunnystaines

Likes # 0

Secret-Squirrel

thanks

will have a closer look again. [i do not recommed that software i downloaded from their web its no good just deleted it]

i had mis understood your original advice.

Like this post
sunnystaines

Likes # 0

Secret-Squirrel

I am lost on browse uploading sorry but suffer poor concentration due to meds

i have tpyed results below from sas

Adaware HBHelper HKCR\CLSID[CA3EB689-8FO9-4026-AA10-B9534C691CEO] HKCR\CLSID[CA3EB689-8FO9-4026-AA10-B9534C691CEO]\IproServer32 HKCR\CLSID[CA3EB689-8FO9-4026-AA10-B9534C691CEO]\ThreadingMdel-] HKCR\CLSID[CA3EB689-8FO9-4026-AA10-B9534C691CEO]\ProgID HKCR\CLSID[CA3EB689-8FO9-4026-AA10-B9534C691CEO]\TypeLib HKCR\CLSID[CA3EB689-8FO9-4026-AA10-B9534C691CEO]\versionIndependentprogID HKLM\Software\Classes\CLSID[CA3EB689-8FO9-4026-AA10-B9534C691CEO]

Browser Hijacker Deskbar HKCR\Interface[4897BBA6-48D9-468C-8EFA-84623D7701B] HKCR\Interface[4897BBA6-48D9-468C-8EFA-84623D7701B]\ProxyStubClsid HKCR\Interface[4897BBA6-48D9-468C-8EFA-84623D7701B]\ProxyStubClsid32 HKCR\Interface[4897BBA6-48D9-468C-8EFA-84623D7701B]\TypeLib HKCR\Interface[4897BBA6-48D9-468C-8EFA-84623D7701B]\TypeLib[version-]

Like this post
sunnystaines

Likes # 0

disaster PCA site has messed up the neat format i spent ages typed out. Hope someone can make sense out of it.

Like this post
Secret-Squirrel

Likes # 0

Sorry to have put you to so much bother.

You won't be able to upload any files to those scanners because SAS hasn't found any. What SAS has found are entries in the Windows Registry that it thinks are suspicious. It's not possible to say definitively whether there's anything to worry about as the Registry keys you've provided point to other keys. However, with all the scans you've already done with other security products, and the fact that SAS hasn't detected any infected files, I reckon it is almost certainly a false positive.

I can't explain why SAS keeps finding the same "infection" after reboot. If you've still got the energy then you might want to consider running SAS in Safe Mode and see if that fixes things for good.

Like this post
sunnystaines

Likes # 0

Secret-Squirrel thanks again for your feedback,already tried safe mode no joy either. I think i will just forget about it for now, just annoying seeing it in the sas results.

Like this post
sunnystaines

Likes # 0

todays defs update 30/7 seem to have fixed it, just got a clear scan. surprised if a FP why no one else reported it.

sas never did reply back to me.

Like this post  
Secret-Squirrel

Likes # 0

Thanks for the feedback :)

Like this post

Reply to this topic

This thread has been locked.



IDG UK Sites

iPad mini 3 vs iPad mini 2 comparison: New iPad mini 3 isn't worth £80 more

IDG UK Sites

Why you shouldn't buy the iPad mini 3: No wonder Apple gave it 10 seconds of stage time

IDG UK Sites

Halloween Photoshop tutorials: 13 masterclasses for horrifying art, designs and type

IDG UK Sites

Should I upgrade from Mavericks to OS X 10.10 Yosemite? What you need to know before updating to...