dslreports logo
spacer Home Reviews Speed Test Tools News Forums Info About Join  
 
    All Forums Hot Topics Gallery
spc

Search similar:
ForumsSoftware and Operating Systems

SecurityLatest update Counter Spy (222) Possible FP????

 uniqs
1102
Share
« Spoolsv.exeMindGuard »
art22gg
Premium Member
join:2005-02-16
Courtenay, BC

art22gg

Premium Member

2005-Aug-22 7:02 pm

Latest update Counter Spy (222) Possible FP????

Hi there,
Just D/L latest updates (222) and got 2 items never seen before.
1) 007 (27 objects) Keylogger Spy 3.7
2) (6 objects) Force 159 (backdoor)
Running win98se
Anyone else seeing these. Have them in quarantine until ???
Thanks,
Art
actions · 2005-Aug-22 7:02 pm ·

CounterSpyAdvocate

Anon

2005-Aug-22 7:10 pm

This may possibly be a false Positive,can you place the scan results into the Forum,for us to take a look @?I just Updated and I am running a scan will report back with more positive proof.But please place the scan results into this forum,for me to take a better look at.
actions · 2005-Aug-22 7:10 pm ·
art22gg
Premium Member
join:2005-02-16
Courtenay, BC

art22gg

Premium Member

2005-Aug-22 7:55 pm

Hi,
If you can give me the "scoop" on how I do this I will be more than pleased to effect this.!!
Art
actions · 2005-Aug-22 7:55 pm ·

mers2
Premium Member
join:2004-03-20
USA
1 edit

mers2 to art22gg

Premium Member

2005-Aug-22 7:59 pm

to art22gg

Re: Latest update Counter Spy (222) Possible FP???

You have to be a beta tester to post in the forums. Can you copy and post your scan report here? Click View>>Spyware Scan>> Scan History then cut and paste results here?

Edited to add: I had no fp on WinME.
actions · 2005-Aug-22 7:59 pm ·

White Rose
Willi Graf
Premium Member
join:2005-07-25

White Rose to art22gg

Premium Member

2005-Aug-22 8:32 pm

to art22gg

Re: Latest update Counter Spy (222) Possible FP????

I got the same results with v. 222 using XP Pro. From the log:

*************************

Detected spyware

Force 1.59 Backdoor more information...
Details: Force properties include remotely acces to the machine n can also steals passwords
Status: Quarantined
Elevated spyware - Elevated threats are usually threats that fall into the range of adware in which data about a user's habits are tracked and sent back to a server for analysis without your consent or knowledge.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\TypeLib {48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908} IInet

007 Keylogger Spy 3.7 Surveillance more information...
Details: 007 Keylogger Spy 3.7 is a keylogger which captures all the keystrokes typed by the user invisibly in the background.
Status: Quarantined
Elevated spyware - Elevated threats are usually threats that fall into the range of adware in which data about a user's habits are tracked and sent back to a server for analysis without your consent or knowledge.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\VersionIndependentProgID InetCtls.Inet
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908} Microsoft Internet Transfer Control 6.0 (SP4)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 C:\WINDOWS\system32\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908} Internet Control General Property Page Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 C:\WINDOWS\system32\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908} Internet Control URL Property Page Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 C:\WINDOWS\system32\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\TypeLib {48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908} DInetEvents
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\0\win32 C:\WINDOWS\system32\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\FLAGS 2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\HELPDIR
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0 Microsoft Internet Transfer Control 6.0 (SP4)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus\1 132497
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus 0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ProgID InetCtls.Inet.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ToolboxBitmap32 C:\WINDOWS\system32\MSINET.OCX, 1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\TypeLib {48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Version 1.0
actions · 2005-Aug-22 8:32 pm ·

CounterSpyUser

Anon

2005-Aug-22 8:38 pm

Mers2,good to see you again,I also had No False Positives myself.

Nestor that looks like a False Positive to me,I will draw the attention to a CounterSpy spyware advocate to this Thread and see what she thinks.
actions · 2005-Aug-22 8:38 pm ·

DaHen
Premium Member
join:2002-11-08
Brockton, MA

DaHen to art22gg

Premium Member

2005-Aug-22 8:44 pm

to art22gg

Re: Latest update Counter Spy (222) Possible FP???

I got those two plus WatchDog 2 on this WinXP.

actions · 2005-Aug-22 8:44 pm ·
art22gg
Premium Member
join:2005-02-16
Courtenay, BC

art22gg

Premium Member

2005-Aug-22 8:47 pm

Re: Latest update Counter Spy (222) Possible FP????

Hope this helps---
8/22/05 3:48:05 PM::Initializing Clean - (ScanID: 31BF7E25-1322-11DA-B237-A58313)
8/22/05 3:48:05 PM::Clean Threat 007 Keylogger Spy 3.7 (ID:40946)
8/22/05 3:48:05 PM::Removing file c:\windows\system\msinet.ocx
8/22/05 3:48:05 PM::Restrict Remove File c:\windows\system\msinet.ocx
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 [=C:\WINDOWS\SYSTEM\MSINET.OCX
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 [ThreadingModel=Apartment
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\VersionIndependentProgID [=InetCtls.Inet
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\VersionIndependentProgID
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ProgID [=InetCtls.Inet.1
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ProgID
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\TypeLib [={48E59290-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\TypeLib
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Version [=1.0
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Version
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Implemented Categories
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Programmable
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Control
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus\1 [=132497
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus\1
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus [=0
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ToolboxBitmap32 [=C:\WINDOWS\SYSTEM\MSINET.OCX, 1
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ToolboxBitmap32
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908} [=Microsoft Internet Transfer Control 6.0 (SP4)
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:05 PM::Removing registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:05 PM::Removing file c:\windows\system\msinet.ocx
8/22/05 3:48:05 PM::Restrict Remove File c:\windows\system\msinet.ocx
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 [=C:\WINDOWS\SYSTEM\MSINET.OCX
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908} [=Internet Control General Property Page Object
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:05 PM::Removing registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:05 PM::Removing file c:\windows\system\msinet.ocx
8/22/05 3:48:05 PM::Restrict Remove File c:\windows\system\msinet.ocx
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 [=C:\WINDOWS\SYSTEM\MSINET.OCX
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908} [=Internet Control URL Property Page Object
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:05 PM::Removing registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:05 PM::Removing file C:\WINDOWS\SYSTEM\MSINET.OCX
8/22/05 3:48:05 PM::Restrict Remove File C:\WINDOWS\SYSTEM\MSINET.OCX
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\ProxyStubClsid [={00020420-0000-0000-C000-000000000046}
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\ProxyStubClsid
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32 [={00020420-0000-0000-C000-000000000046}
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\TypeLib [={48E59290-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\TypeLib [Version=1.0
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\TypeLib
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908} [=DInetEvents
8/22/05 3:48:05 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:05 PM::Removing registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:05 PM::Removing file C:\WINDOWS\SYSTEM\MSINET.OCX
8/22/05 3:48:06 PM::Restrict Remove File C:\WINDOWS\SYSTEM\MSINET.OCX
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\FLAGS [=2
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\FLAGS
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\0\win32 [=C:\WINDOWS\SYSTEM\MSINET.OCX
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\0\win32
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\0
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\HELPDIR
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0 [=Microsoft Internet Transfer Control 6.0 (SP4)
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:06 PM::Removing registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:06 PM::Clean Threat 007 Keylogger Spy 3.7 (ID:40946) Complete
8/22/05 3:48:06 PM::Clean Threat Force 1.59 (ID:40914)
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid [={00020424-0000-0000-C000-000000000046}
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32 [={00020424-0000-0000-C000-000000000046}
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\TypeLib [={48E59290-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\TypeLib [Version=1.0
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\TypeLib
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908} [=IInet
8/22/05 3:48:06 PM::Removing registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:06 PM::Removing registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}
8/22/05 3:48:06 PM::Clean Threat Force 1.59 (ID:40914) Complete
8/22/05 3:48:06 PM::Unititializing Clean
8/22/05 3:48:06 PM::------------------------------------------------------------------
actions · 2005-Aug-22 8:47 pm ·

mers2
Premium Member
join:2004-03-20
USA

mers2 to art22gg

Premium Member

2005-Aug-22 9:11 pm

to art22gg

Re: Latest update Counter Spy (222) Possible FP???

I checked back through the beta reports for this definition set and these weren't among those reported. Since Counterspy user alerted Sunbelt to this thread, hopefully someone will respond soon.
actions · 2005-Aug-22 9:11 pm ·
suzi5
Premium Member
join:2004-05-01

2 recommendations

suzi5 to art22gg

Premium Member

2005-Aug-22 11:55 pm

to art22gg

Re: Latest update Counter Spy (222) Possible FP????

Hi everyone,

I got the same results on 2 of my machines and have confirmed they are false positives. Sunbelt has been notified and will be correcting the problem soon.

Best,

Suzi
actions · 2005-Aug-22 11:55 pm ·

mers2
Premium Member
join:2004-03-20
USA

mers2

Premium Member

2005-Aug-22 11:57 pm

Re: Latest update Counter Spy (222) Possible FP???

Thanks Suzi!
actions · 2005-Aug-22 11:57 pm ·
art22gg
Premium Member
join:2005-02-16
Courtenay, BC

art22gg

Premium Member

2005-Aug-23 1:03 am

Re: Latest update Counter Spy (222) Possible FP????

YES, Thanks Suzi!!
Art
actions · 2005-Aug-23 1:03 am ·

newview
Ex .. Ex .. Exactly
Premium Member
join:2001-10-01
Parsonsburg, MD

newview to art22gg

Premium Member

2005-Aug-23 2:22 am

to art22gg

Re: Latest update Counter Spy (222) Possible FP???

Same results on Win98SE v222 . . .

Spyware Scan Details
Start Date: 08/23/2005 1:54:52 AM
End Date: 08/23/2005 1:59:59 AM
Total Time: 5 mins 7 secs

Detected spyware

Force 1.59 Backdoor more information...
Details: Force properties include remotely acces to the machine n can also steals passwords
Status: Ignored
Elevated spyware - Elevated threats are usually threats that fall into the range of adware in which data about a user's habits are tracked and sent back to a server for analysis without your consent or knowledge.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\TypeLib {48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908} IInet

WatchDog 2 Surveillance more information...
Details: Watchdog is a Internet monitoring spy software.
Status: Ignored
Elevated spyware - Elevated threats are usually threats that fall into the range of adware in which data about a user's habits are tracked and sent back to a server for analysis without your consent or knowledge.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{275DBBA0-805A-11CF-91F7-C2863C385E30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}\Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}\MiscStatus\1 131473
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}\MiscStatus 0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}\ToolboxBitmap32 C:\WINDOWS\SYSTEM\msflxgrd.ocx, 1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30} Microsoft FlexGrid Control, version 6.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6319EEA0-531B-11CF-91F6-C2863C385E30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6319EEA0-531B-11CF-91F6-C2863C385E30}\InprocServer32 C:\WINDOWS\SYSTEM\msflxgrd.ocx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6319EEA0-531B-11CF-91F6-C2863C385E30} MSFlexGrid General Property Page Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F4DF280-531B-11CF-91F6-C2863C385E30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F4DF280-531B-11CF-91F6-C2863C385E30}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{275DBBA0-805A-11CF-91F7-C2863C385E30}\InprocServer32 C:\WINDOWS\SYSTEM\msflxgrd.ocx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F4DF280-531B-11CF-91F6-C2863C385E30}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F4DF280-531B-11CF-91F6-C2863C385E30}\TypeLib {5E9E78A0-531B-11CF-91F6-C2863C385E30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F4DF280-531B-11CF-91F6-C2863C385E30}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F4DF280-531B-11CF-91F6-C2863C385E30} IMSFlexGrid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609602E0-531B-11CF-91F6-C2863C385E30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609602E0-531B-11CF-91F6-C2863C385E30}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609602E0-531B-11CF-91F6-C2863C385E30}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609602E0-531B-11CF-91F6-C2863C385E30}\TypeLib {5E9E78A0-531B-11CF-91F6-C2863C385E30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609602E0-531B-11CF-91F6-C2863C385E30}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609602E0-531B-11CF-91F6-C2863C385E30} DMSFlexGridEvents
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{275DBBA0-805A-11CF-91F7-C2863C385E30} MSFlexGrid Style Property Page Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9F6AA700-D188-11CD-AD48-00AA003C9CB6}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9F6AA700-D188-11CD-AD48-00AA003C9CB6}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9F6AA700-D188-11CD-AD48-00AA003C9CB6}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9F6AA700-D188-11CD-AD48-00AA003C9CB6}\TypeLib {5E9E78A0-531B-11CF-91F6-C2863C385E30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9F6AA700-D188-11CD-AD48-00AA003C9CB6}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9F6AA700-D188-11CD-AD48-00AA003C9CB6} IRowCursor
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E9E78A0-531B-11CF-91F6-C2863C385E30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E9E78A0-531B-11CF-91F6-C2863C385E30}\1.0\FLAGS 2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E9E78A0-531B-11CF-91F6-C2863C385E30}\1.0\0\win32 C:\WINDOWS\SYSTEM\msflxgrd.ocx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E9E78A0-531B-11CF-91F6-C2863C385E30}\1.0\HELPDIR C:\WINDOWS\\HELP
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5E9E78A0-531B-11CF-91F6-C2863C385E30}\1.0 Microsoft FlexGrid Control 6.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}\InprocServer32 C:\WINDOWS\SYSTEM\msflxgrd.ocx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}\VersionIndependentProgID MSFlexGridLib.MSFlexGrid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}\ProgID MSFlexGridLib.MSFlexGrid.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}\TypeLib {5E9E78A0-531B-11CF-91F6-C2863C385E30}

007 Keylogger Spy 3.7 Surveillance more information...
Details: 007 Keylogger Spy 3.7 is a keylogger which captures all the keystrokes typed by the user invisibly in the background.
Status: Ignored
Elevated spyware - Elevated threats are usually threats that fall into the range of adware in which data about a user's habits are tracked and sent back to a server for analysis without your consent or knowledge.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ToolboxBitmap32 C:\WINDOWS\SYSTEM\MSINET.OCX, 1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908} Microsoft Internet Transfer Control 6.0 (SP4)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 C:\WINDOWS\SYSTEM\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908} Internet Control General Property Page Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 C:\WINDOWS\SYSTEM\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908} Internet Control URL Property Page Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 C:\WINDOWS\SYSTEM\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\TypeLib {48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908} DInetEvents
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\FLAGS 2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\0\win32 C:\WINDOWS\SYSTEM\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0 Microsoft Internet Transfer Control 6.0 (SP4)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\VersionIndependentProgID InetCtls.Inet
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ProgID InetCtls.Inet.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\TypeLib {48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus\1 132497
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus 0
actions · 2005-Aug-23 2:22 am ·
feverfive
join:2005-06-16
Iowa
1 edit

feverfive to art22gg

Member

2005-Aug-23 4:02 am

to art22gg
I got the same results; the two potential fp's are still sitting in quarantine.....Needless to say, I was shocked as I am very careful; I was racking my brain trying to figure out how this ended up on my machine.

EDIT: Ooops, just noted above it is posted these clearly are fp's; does that mean I can restore the two quarantine entries? What was actually flagged/caught?
------------------------------

Spyware Scan Details
Start Date: 8/23/2005 2:14:20 AM
End Date: 8/23/2005 2:24:11 AM
Total Time: 9 mins 51 secs

Detected spyware

Force 1.59 Backdoor more information...
Details: Force properties include remotely acces to the machine n can also steals passwords
Status: Quarantined
Elevated spyware - Elevated threats are usually threats that fall into the range of adware in which data about a user's habits are tracked and sent back to a server for analysis without your consent or knowledge.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\TypeLib {48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908} IInet

007 Keylogger Spy 3.7 Surveillance more information...
Details: 007 Keylogger Spy 3.7 is a keylogger which captures all the keystrokes typed by the user invisibly in the background.
Status: Quarantined
Elevated spyware - Elevated threats are usually threats that fall into the range of adware in which data about a user's habits are tracked and sent back to a server for analysis without your consent or knowledge.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\VersionIndependentProgID InetCtls.Inet
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908} Microsoft Internet Transfer Control 6.0 (SP4)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 C:\WINDOWS\system32\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908} Internet Control General Property Page Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 C:\WINDOWS\system32\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908} Internet Control URL Property Page Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 C:\WINDOWS\system32\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\TypeLib {48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48E59292-9880-11CF-9754-00AA00C00908} DInetEvents
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\0\win32 C:\WINDOWS\system32\MSINET.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\FLAGS 2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0\HELPDIR
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48E59290-9880-11CF-9754-00AA00C00908}\1.0 Microsoft Internet Transfer Control 6.0 (SP4)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus\1 132497
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\MiscStatus 0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ProgID InetCtls.Inet.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\ToolboxBitmap32 C:\WINDOWS\system32\MSINET.OCX, 1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\TypeLib {48E59290-9880-11CF-9754-00AA00C00908}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Version 1.0

Detected Spyware Cookies
No spyware cookies were found during this scan.
actions · 2005-Aug-23 4:02 am ·

DaHen
Premium Member
join:2002-11-08
Brockton, MA

DaHen to suzi5

Premium Member

2005-Aug-23 6:20 am

to suzi5


Thanks Suzi.
actions · 2005-Aug-23 6:20 am ·

mers2
Premium Member
join:2004-03-20
USA
1 edit

mers2 to art22gg

Premium Member

2005-Aug-23 5:49 pm

to art22gg
New definitions file 224 is now available.
actions · 2005-Aug-23 5:49 pm ·

DaHen
Premium Member
join:2002-11-08
Brockton, MA

DaHen

Premium Member

2005-Aug-23 6:54 pm

Got it and ran a clean scan this time.

Thanks.

actions · 2005-Aug-23 6:54 pm ·

Spy4
Premium Member
join:2001-09-22
NE

Spy4 to art22gg

Premium Member

2005-Aug-24 12:39 am

to art22gg
Same situation here and it's been corrected.
actions · 2005-Aug-24 12:39 am ·
suzi5
Premium Member
join:2004-05-01

suzi5 to art22gg

Premium Member

2005-Aug-24 1:36 am

to art22gg

Re: Latest update Counter Spy (222) Possible FP????

The false positives were fixed in 224. You can always see the latest defs here:

»research.sunbelt-softwar ··· ions.cfm

The left column is for the release version 1.0.29. The beta 1.5 is sometimes on a different version but it's not shown on that page, only on the beta forum.
actions · 2005-Aug-24 1:36 am ·
ForumsSoftware and Operating SystemsSecurity
« Spoolsv.exeMindGuard »