Windows 7 Forums



Windows 7: a-square false positives?

27 Jan 2010   #1
swarfega

Windows 7 Professional 64-bit
 
 
a-square false positives?

I am wondering about some of a-square's findings on my latest scan. Things like Winamp and win7codecs must surely be clean:

Quote:
a-squared Free - Version 4.5
Last update: 27/01/2010 12:24:14

Scan settings:

Scan type: Smart Scan
Objects: Memory, Traces, Cookies, C:\Windows\, C:\Program Files (x86)
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start: 27/01/2010 12:27:47

Value: HKEY_CLASSES_ROOT\CLSID\{44EEAD9B-4EB1-4236-83BC-1273BB4B01EF} --> AppID detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_CLASSES_ROOT\CLSID\{44EEAD9B-4EB1-4236-83BC-1273BB4B01EF}\InprocServer32 --> ThreadingModel detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_CLASSES_ROOT\CLSID\{6C9CA10D-E604-47FB-A2F9-C9A013193609}\InProcServer32 --> ThreadingModel detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_CLASSES_ROOT\CLSID\{892F787F-B650-4A3E-AA5B-2B8021CE4D0A} --> AppID detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_CLASSES_ROOT\CLSID\{892F787F-B650-4A3E-AA5B-2B8021CE4D0A}\InprocServer32 --> ThreadingModel detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_CLASSES_ROOT\CLSID\{A0B0E5AB-617C-4A7D-8A94-9937D24B6670} --> AppID detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_CLASSES_ROOT\CLSID\{A0B0E5AB-617C-4A7D-8A94-9937D24B6670}\InprocServer32 --> ThreadingModel detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_CLASSES_ROOT\CLSID\{B34CCD89-D1CD-4F9A-BA6C-936BA7F7A239} --> AppID detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_CLASSES_ROOT\CLSID\{B34CCD89-D1CD-4F9A-BA6C-936BA7F7A239}\InprocServer32 --> ThreadingModel detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44EEAD9B-4EB1-4236-83BC-1273BB4B01EF} --> AppID detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44EEAD9B-4EB1-4236-83BC-1273BB4B01EF}\InprocServer32 --> ThreadingModel detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C9CA10D-E604-47FB-A2F9-C9A013193609}\InProcServer32 --> ThreadingModel detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{892F787F-B650-4A3E-AA5B-2B8021CE4D0A} --> AppID detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{892F787F-B650-4A3E-AA5B-2B8021CE4D0A}\InprocServer32 --> ThreadingModel detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0B0E5AB-617C-4A7D-8A94-9937D24B6670} --> AppID detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0B0E5AB-617C-4A7D-8A94-9937D24B6670}\InprocServer32 --> ThreadingModel detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B34CCD89-D1CD-4F9A-BA6C-936BA7F7A239} --> AppID detected: Trace.Registry.PC Doc Pro!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B34CCD89-D1CD-4F9A-BA6C-936BA7F7A239}\InprocServer32 --> ThreadingModel detected: Trace.Registry.PC Doc Pro!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@247realmedia[2].txt detected: Trace.TrackingCookie.247realmedia!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@adtech[1].txt detected: Trace.TrackingCookie.adtech!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@advertising[1].txt detected: Trace.TrackingCookie.advertising!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@bluestreak[1].txt detected: Trace.TrackingCookie.bluestreak!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@bs.serving-sys[2].txt detected: Trace.TrackingCookie.bs.serving-sys!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@casalemedia[1].txt detected: Trace.TrackingCookie.casalemedia!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@com[2].txt detected: Trace.TrackingCookie.com!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@doubleclick[1].txt detected: Trace.TrackingCookie.doubleclick!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@fastclick[1].txt detected: Trace.TrackingCookie.fastclick!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@mediaplex[1].txt detected: Trace.TrackingCookie.mediaplex!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@questionmarket[1].txt detected: Trace.TrackingCookie.questionmarket!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@serving-sys[2].txt detected: Trace.TrackingCookie.serving-sys!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@tradedoubler[1].txt detected: Trace.TrackingCookie.tradedoubler!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@tribalfusion[1].txt detected: Trace.TrackingCookie.tribalfusion!A2
C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3635.32303__90ba9c70f846762e\CLI.Component.Dashboard.DLL detected: Trojan-PWS.Win32.FakeAIM!IK
C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3635.32378__90ba9c70f846762e\CLI.Component.Systemtray.DLL detected: Trojan-PWS.Win32.FakeAIM!IK
C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 3\Codec\BDAVNav.ax detected: Win32.SuspectCrc!IK
C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 3\Codec\HDVDNavFilter.ax detected: Win32.SuspectCrc!IK
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\CLI.Component.Dashboard.dll detected: Trojan-PWS.Win32.FakeAIM!IK
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\CLI.Component.Systemtray.dll detected: Trojan-PWS.Win32.FakeAIM!IK
C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe detected: Adware.Win32.ALOTToolbar!A2
C:\Program Files (x86)\Win7codecs\Tools\Settings32.exe detected: Packed.Win32.Autoit!A2
C:\Program Files (x86)\Winamp\UninstWA.exe detected: Adware.Win32.ALOTToolbar!A2
C:\Program Files (x86)\Winamp\Uninst_Win7Shell.exe detected: Adware.Win32.ALOTToolbar!A2



27 Jan 2010   #2
swarfega

Windows 7 Professional 64-bit
 
 

No opinions?
27 Jan 2010   #3
swarfega

Windows 7 Professional 64-bit
 
 

Well, I've made the decision to act only on the cookies and leave the programs alone. MSE should pick up any viruses I might have.

27 Jan 2010   #4
Airbot

Windows 7 Ultimate x64 SP1
 
 

I can give you an opinion. During the times I've used a-squared off and on over the years it's been around, it's not been shy with giving me false positives. Likes to flag safe system or other harmless files as malicious. Before letting it remove anything, I would investigate the file/s it's flagging, and maybe double check with another scanner/s, upload some of those files to VirusTotal and check against all the other scanners.
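The advice in post #4 (look at what is flagged and get a second opinion before removing anything), as an added example that is not part of the original thread: a Python script that parses lines in the format of the log in post #1, separates cookie and registry traces from flagged files, lists detection names raised in more than one product's directory, and hashes a file for lookup on a second-opinion service such as VirusTotal. The function names and the "same name in several directories" heuristic are assumptions of this example.

```python
import hashlib
import re
from collections import defaultdict

# Sample lines copied from the scan log quoted in post #1 (a few per type).
SAMPLE_LOG = r"""
Value: HKEY_CLASSES_ROOT\CLSID\{44EEAD9B-4EB1-4236-83BC-1273BB4B01EF} --> AppID detected: Trace.Registry.PC Doc Pro!A2
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@doubleclick[1].txt detected: Trace.TrackingCookie.doubleclick!A2
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\CLI.Component.Dashboard.dll detected: Trojan-PWS.Win32.FakeAIM!IK
C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe detected: Adware.Win32.ALOTToolbar!A2
C:\Program Files (x86)\Winamp\UninstWA.exe detected: Adware.Win32.ALOTToolbar!A2
"""

# "<object> detected: <detection name>!<suffix>", the line shape used in that log.
LINE = re.compile(r"^(?P<obj>.+?) detected: (?P<name>.+)!(?P<tag>\w+)$")

def parse(log):
    """Return (object, detection_name, suffix) for every detection line."""
    return [(m["obj"], m["name"], m["tag"])
            for m in map(LINE.match, map(str.strip, log.splitlines())) if m]

def triage(findings):
    """Split findings into cookie traces, registry traces and flagged files."""
    buckets = defaultdict(list)
    for obj, name, _tag in findings:
        kind = ("cookie" if name.startswith("Trace.TrackingCookie.") else
                "registry" if name.startswith("Trace.Registry.") else "file")
        buckets[kind].append((obj, name))
    return dict(buckets)

def shared_detections(file_findings):
    """Names raised in more than one directory: check these first (heuristic)."""
    dirs = defaultdict(set)
    for path, name in file_findings:
        dirs[name].add(path.rsplit("\\", 1)[0])
    return {n: sorted(d) for n, d in dirs.items() if len(d) > 1}

def sha256_of(path):
    """Hash a flagged file so it can be looked up or re-scanned elsewhere."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

if __name__ == "__main__":
    buckets = triage(parse(SAMPLE_LOG))
    print({kind: len(items) for kind, items in buckets.items()})
    print(shared_detections(buckets["file"]))
```

On the machine that produced the log, `sha256_of(path)` can be called on each entry in the `file` bucket to get a hash for the second-opinion lookup.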
27 Jan 2010   #5
swarfega

Windows 7 Professional 64-bit
 
 

Yeah, I read each one before removing the cookies. I've left the programs alone. Thanks for the input.